Cloud Security Podcast

Cloud Security Podcast Team
Aug 22, 2024 • 27min

Building an Incident Response Team for High-Growth Companies

In this discussion, Santiago, a Senior Security Engineer at Canva, shares insights on building incident response teams in high-growth companies. He explains how incident response differs in fast-paced versus established environments and the vital skills needed for effective management. Santiago also touches on the importance of communication, the dynamic between Red Teams and incident responders, and strategies for enhancing endpoint security. Additionally, he highlights the role of data visualization in security monitoring, emphasizing the need for effective dashboard design.
Aug 6, 2024 • 26min

State of Cloud Security 2024 - Leadership Edition

Srinath Kuruvadi, a cloud security veteran with over 20 years of experience, shares invaluable insights into the evolving landscape of cloud security. He discusses the crucial role of proactive incident response teams and emphasizes the need for a prevention-first strategy in a multi-cloud world. The importance of stakeholder management and robust data security practices also takes center stage. Srinath highlights the challenges of talent acquisition and the significance of tailored AI solutions for enhancing security measures.
Jul 30, 2024 • 22min

Cloud Native Strategies from a FinTech CISO

Adrian Asher, CISO and Cloud Architect at Checkout.com, discusses his transition from monolithic to cloud-native structures in fintech. He emphasizes the importance of using AWS technologies like Lambda and Fargate for better security and scalability. Adrian explores the differences between cloud-native and cloud-naive approaches, stressing the need for cultural shifts within organizations. He shares insights on preparing security teams for generative AI, showcasing the evolving relationship between development and security practices.
Jul 23, 2024 • 21min

Fixing Cloud Security with AWS Lambda

Security expert Lily Chau discusses AWS Lambda for cloud security, auto-remediation, IAM roles, and challenges with CSPM. They cover cultural shifts, high-impact playbooks, and monitoring CloudTrail logs for security. Also, they talk about preventing subdomain takeovers, using Terraform for security, and a favorite restaurant in San Francisco.
Jul 16, 2024 • 22min

What is confidential computing? Explained for 2024

Zvonko Kaiser, Nvidia's Principal Systems Software Engineer, discusses confidential computing, secure enclaves, and attestations. He highlights the importance of GPUs in enhancing AI workloads and the transition to confidential containers for data protection. The podcast explores threat models, industry sectors utilizing confidential computing, and the value of isolation and attestation in cloud security.
Jul 9, 2024 • 28min

The Evolution of Infrastructure as Code so far - 2024 Edition

Armon Dadgar, Co-Founder and CTO at HashiCorp, illuminates his journey co-creating Terraform and tackling cloud complexities. He highlights the evolution of Infrastructure as Code (IaC) and stresses the importance of platform teams for large enterprises. Armon discusses the critical role of standardization and lifecycle management for cloud security. The conversation dives into the challenges of automation, including machine identity management, and the influence of generative AI on IaC practices, all while emphasizing community contributions to open-source initiatives.
Jul 4, 2024 • 23min

What is AI-SPM?

Dan Benjamin, Head of Data, Identity and AI Security at Prisma Cloud, discusses the new AI-SPM category, building AI and data inventories, understanding AI access, and the role of DSPM in effective AI security controls. They compare AI-SPM vs CSPM, tackle data security in the world of AI, and highlight the maturity curve for CISOs to consider.
Jun 25, 2024 • 22min

Creating Effective Sigma Rules with AI

Dave Johnson, Senior Threat Intelligence Advisor at Feedly and ex-FBI agent, discusses using large language models to create Sigma rules for threat detection. He highlights the challenges and benefits of employing AI in this process, emphasizing prompt chaining and RAG systems. The conversation touches on the importance of specific inputs and experimenting with dev environments for better security threat detection.
Jun 14, 2024 • 23min

What is the future of security operations with AI in 2024?

Ely Kahn, VP of Cloud Security and AI at SentinelOne, discusses the shift to decentralized SOC operations, increasing cloud security complexity, and the future impact of AI on Cloud Security in 2024. Topics include evolving threat landscapes, SOAR, skillset changes, and a fun section covering personal interests.
May 31, 2024 • 31min

Cloud Native Security Strategies for 2024

Is having a CSPM enough for Cloud Security? At RSA Conference 2024, Ashish sat down with returning guest Jimmy Mesta, Co-Founder and CTO of RAD Security, to talk about the complexities of Kubernetes security and why traditional Cloud Security Posture Management (CSPM) sometimes falls short in a Kubernetes-centric world. We speak about the significance of behavioural baselining, the limitations of signature-based detection, the role of tools like eBPF in enhancing real-time security measures, the importance of proactive security measures, and the need for a paradigm shift from reactive alert-based systems to a more silent and efficient operational model.

Guest socials: Jimmy's LinkedIn
Podcast Twitter: @CloudSecPod

If you want to watch videos of this live-streamed episode and past episodes, check out our other Cloud Security social channels: Cloud Security Podcast (YouTube), Cloud Security Newsletter, Cloud Security BootCamp.

Questions asked:
(00:00) Introduction
(03:12) A bit about Jimmy Mesta
(03:48) What is Cloud Native Security?
(05:15) How is Cloud Native different to traditional approach?
(07:37) What is eBPF?
(09:12) Why should we care about eBPF?
(11:51) Separating the signal from the noise
(13:48) Challenges on moving to Cloud Native
(15:58) Proactive Security in 2024
(17:02) Who's monitoring Cloud Native alerts?
(23:10) Getting visibility into the complexities of Kubernetes
(24:24) Skillsets and Resources for Kubernetes Security
(27:54) The Fun Section

Resources spoken about during the interview: OWASP Kubernetes Top Ten
