Cloud Security Podcast

Andrew Tabona, SVP of Cyber Threat Management, challenges traditional incident response plans in the cloud. They discuss mean time to detect, respond, and recover, strategies for building a detection framework, nuances of incident response in cloud vs. on-premise environments, balanced log ingestion, and the importance of mastering fundamentals for effective cloud security.

Learn all about GitHub Copilot, an AI-powered coding assistant redefining how developers write code. From its impact on security professionals to the trustworthiness of AI-generated code, discover how GitHub Copilot enhances productivity and security in the coding world. Explore the versatility of this tool in various programming languages and its potential for revolutionizing software development. Plus, enjoy a fun chat about gaming, work-life balance, and favorite cuisines.

The podcast delves into the concept of 'Assume Breach' for cloud incident preparedness, the effectiveness of CSPM, and the importance of logs in incident response. It also discusses gaining deep visibility in cloud environments, the need for a Security Data Lake, and demonstrating ROI for Security Operations.

Exploring the importance of threat modeling in cloud, the differences between cloud and on-prem threat modeling, practical examples, and challenges of scaling threat modeling. Discussions on incorporating threat modeling in security programs, various approaches to threat modeling, and personal insights on building effective threat models.

Discover how GenAI and Custom LLM models are transforming legal data analysis at LexisNexis. Explore the intersection of cloud engineering, cybersecurity, and AI in the legal sector. Learn about the importance of data security in AI applications for legal research and document drafting.

Magno Logan, an expert in Kubernetes security, talks about the silent but deadly vulnerabilities of sidecar containers in Kubernetes. He discusses common attack paths, entry points for attackers, container escape, and ways to secure sidecars, shedding light on the threats beyond crypto mining attacks.

Idan Plotnik, Co-Founder of Apiiro, with 24 years of cybersecurity experience, discusses the challenges of managing vast quantities of repositories and misconceptions about Application Security Posture Management. He highlights the relevance of ASPM in both large and small organizations. The podcast explores the differences between Cloud Security and Application Security Tools, and the growing need for Application Security Tools. It concludes with insights into managing cybersecurity, mean time to remediation, and importance of customer feedback.

Troy Hunt and Scott Helme discuss best practices for decoding TLS, password security, and data breaches in cloud and AI. They emphasize the importance of early security training, strong passwords combined with multi-factor authentication, and proper password storage and encryption. The speakers also explore the risks and benefits of building LLMs, debunk TLS misconceptions, and highlight the relevance of security policies and cybersecurity training in improving security without expensive appliances.

Vivek Menon, CISO for Digital Turbine, talks about the strategic approaches to cloud security in 2024, the challenges of multi-cloud environments, managing identities and misconfigurations, and the value of dedicated cloud-specific teams.

Dive into the world of AI and Kubernetes with Shopify's Shane Lawrence in this episode of the Cloud Security Podcast. Shane, shares his experience in the security team at Shopify and working on the intersection of AI, Large Language Models (LLMs), and Kubernetes security. Shopify is looking to pioneer the use of AI to streamline developer operations, enhance productivity, and bolster security measures in multi-tenant Kubernetes environments. This episode will be valuable for you if you work in Kubernetes, Security and looking for how AI can build efficiency in your team. Guest Socials: Shane's Linkedin (Shane's Linkedin⁠⁠) Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels: - ⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp Questions asked: (00:00) Introduction to AI and Kubernetes (01:32) Shane Lawrence and Shopify's AI Journey (02:21) AI and Developer Efficiency in Kubernetes (04:39) AI-Driven Automation for Security (06:34) Challenges of AI in Kubernetes Environment (11:22) Case Studies for AI in Kubernetes (13:43) The Future of Kubernetes and AI (15:59) Learning and Experimenting with AI in Kubernetes (17:49) Closing Thoughts and Fun Q&A