Cloud Security Podcast

In this episode of the Virtual Coffee with Ashish edition, we spoke with John Savill (Linkedin_John Savill) is the Principal Cloud Architect, Author and YouTuber. Host: Ashish Rajan - Twitter @hashishrajan Guest: John Savill (Linkedin_John Savill) In this episode, John & Ashish spoke about How is security different between Cloud Security vs On-Prem Security? How does one track API/User Activity across Azure implementation? What are some of the security products in Azure that are good practices for anyone starting today? So what log must be collected to ensure all API events are collected? What are the best security practice for Identity and Networking in Azure? What Security Frameworks for Azure like CIS exist for Azure? How would Monitoring and Incident Response work in an Azure Deployment ? What are examples of Azure Security Maturity Levels? Creating Content for the technology space, where does one start? And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with Barak Schoster Goihman (@barakschoster) is the Co-Founder and CTO of Bridgecrew (@Bridgecrewio). Host: Ashish Rajan - Twitter @hashishrajan Guest: Barak Schoster Goihman @barakschoster In this episode, Barak & Ashish spoke about What is Infrastructure as Code Security Application Security vs Infrastructure as Code Security - are they same? What is DevSecOps? Where should one start? Ansible? Terraform? Kubernetes? Saltstack? Configuration and Policy as Code - What are these? How to get started on Infrastructure Security? Open source vs Paid product, what should one consider before going down either path? The future of Infrastructure as Code Security? Difference between a DSL and a general purpose programming language? Becoming a successful startup founder as a developer, what are some tips you can share for future startup founders? And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with Toni de la Fuente (@toniblyx) is the Senior Security Consultant at AWS (@AWSCloud) and author of Prowler - AWS Security Tool. Host: Ashish Rajan - Twitter @hashishrajan Guest: Toni de la Fuente @toniblyx  In this episode, Toni & Ashish spoke about What is Cloud Security Assessment? The story behind the creation of Prowler and what Prowler does? How is Prowler different to CIS benchmark? How to set up an effective incident response plan? How to respond to forensic collection evidence? And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with Nicholas McLaren (Linkedin - nmclarencys) is the Cloud Security Engineer, ByteChek(@Bytechek). Host: Ashish Rajan - Twitter @hashishrajan Guest: Nicholas McLaren (Linkedin - nmclarencys In this episode, Nick & Ashish spoke about What qualifications do you need to become a cloud security engineer? Degrees, certifications etc How to network effective to secure your 1st cloud security role? Network in the world of Covid-19. A day in the life of a Cloud Security Engineer Soft skills required by Cloud Security Engineers How to get recruiters and hiring managers to notice you? And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with Michael Fraser (@itascode) is the Chief Architect, Co-Founder at refactr (@RefactrIT). Host: Ashish Rajan - Twitter @hashishrajan Guest: Michael Fraser - @itascode  In this episode, Michael & Ashish spoke about What is DevSecOps? What is Kubernetes? Why would you use Kubernetes? What should a Kubernetes Deployment look like when done right from a security perspective? The building blocks of making Kubernetes part of your CICD pipeline. Benchmarks to use to measure maturity of organisations And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with Ben Tomhave (Linkedin - @btomhave) is the Principal, Falcon’s View Consulting (@FalconsView). Host: Ashish Rajan - Twitter @hashishrajan Guest: Ben Tomhave (Linkedin - @btomhave)  In this episode, Ben & Ashish spoke about What are Containers? What is Container Security/ Kubernetes Security for people from traditional security background? What should a Container Deployment look like? 7 Security Challenges for introducing Containers into an organization, where to get started? Building Blocks for building Container Security at Scale - the right way. Software Composition Analysis for Containers Security challenges with Containers & Serverless What was NOC and SOC and does Cloud knowledge really matter for that role? How to create awareness about container security in traditional computer security team? And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with Zane Lackey, CISO & Co-Founder Signal Sciences, which is now owned by Fastly. Host: Ashish Rajan - Twitter @hashishrajan Guest: Zane Lackey - Linkedin In this episode, Zane & Ashish spoke about What was your path to your current CyberSecurity Role? DevOps movement between East Coast and West Coast in 2010  - Etsy (Biggie) & Netflix (2Pac) Was the change to 30 production deployments a day, good thing for security? What was action plan as a CISO to tackle 30 deployments a day? Has the viewpoint on Security and thing that kept CISO awake at night changed due to Pandemic? Post Pandemic CISOs have 100s of single pane of glass Scale is the problem that is facing every security team. And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with Kurt John, Chief CyberSecurity Officer CISO at Siemens USA Host: Ashish Rajan - Twitter @hashishrajan Guest: Kurt John - Linkedin In this episode, Kurt & Ashish spoke about Cloud Security in a Large Organisation and the challenges that come with it. Cloud and Cloud Security in the Operation Technology World How Product Security and Enterprise Security is approached? The impact of Covid-19 on cloud transformation. Impact of Edge Technology and 5G. How beginners can expose themselves to OT security? What happens in the world of OT and SCADA to help businesses with cyber readiness? Should security be turn on by default? Charter of Trust Whats next for SCADA (Supervisory Control and Data Acquisition)? And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with David Lavezzo, Director of Security Chaos Engineering at Capital One Host: Ashish Rajan - Twitter @hashishrajan Guest: David Lavezzo - Linkedin In this episode, David & Ashish spoke about What is security chaos experiments and how does it compare to chaos engineering? The Golden Age of Offence? Tools for Chaos Experiments How to get started in Security Chaos Experiments? Is Security Chaos Experiments only for large companies? Security Chaos Experiments in Production How to get organisation buy in for Security Chaos Experiments? What is gap hunting? Security Chaos Engineering at Scale and what metrics can be used to measure its maturity? The upcoming trends of Security Chaos Engineering And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with Brianna Malcolmson, Security Engineering Manager, Atlassian  Host: Ashish Rajan - Twitter @hashishrajan Guest: Brianna Malcolmson - Linkedin @briannajoy In this episode, Brianna & Ashish spoke about What is Cloud Security Testing and Assessment ? What is a Cyber Kill Chain in a cloud context? How to get started in Cloud Pentesting? The need for Cloud Certification and recommendations for Beginners? Is there something people are not talking enough about in a Cloud Security context? And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai