

Crying Out Cloud
Wiz
Welcome to "Crying Out Cloud," the monthly podcast that keeps you up to date with the latest cloud security news. Hosted by experts Eden Naftali and Amitai Cohen, each episode provides in-depth coverage of the most important vulnerabilities and incidents from the previous month. Tune in for insightful analysis and expert recommendations to help you safeguard your cloud infrastructure.
Episodes
Mentioned books

Aug 1, 2025 • 29min
Adversary Emulation, Cyber Education & Community Building with Day Johnson
🚨 How do you build a 4,000+ strong student-tech community from scratch?Eden Naftali and Amitai sat down with Day Johnson, Security Engineer at @amazon , ex-Datadog, founder of CyberWox Academy.What they covered 👇- Detection engineering that works at scale- What breaks IR processes (and how to fix them)- Real talk on breaking into security without shortcutsAlso: why being the "tech kid" in your neighborhood might just launch your whole career.

Jul 15, 2025 • 40min
Live Talk: Security Minds from Riot Games, Microsoft & Wiz
- 💡 From cloud chaos to career confessions: live with security minds from RiotGames & Microsoft.Eden Naftali went live, and got personal, with 3 leaders shaping the future of cloud and cybersecurity:- Nicole Dove, Head of Security Engineering at @Riot Games- Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft- Alon Schindel, VP of AI & Threat Research at WizWhat they unpacked? 👇The heart of threat intel, building trust over tools, and how hobbies reflect how they lead.This Crying Out Cloud episode from RSA just hits different.⏱ Chapters00:05:02 – What it means to be a threat intelligence leader00:10:08 – How threat intelligence should really look00:15:48 – Skirting the tough questions in cybersecurity00:21:07 – Working with third-party vendors in the cloud00:26:17 – What the security industry is getting wrong00:31:20 – The special skill of deep research00:36:20 – A real-world story about leading with trust#CyberSecurity #CloudSecurity #ThreatIntelligence #Infosec #CloudComputing

Jul 9, 2025 • 18min
AI Double Agents to Blame, Scattered Spider Pivots to Planes
🎙️ Scattered Spider's new target? Airlines.Eden Koby Naftali & Amitai Cohen break down the latest in the cloud:1️⃣ A connectivity tool vuln & Open WebUI misconfig putting orgs at risk2️⃣ Why attackers are still tricking help desks (and how!)3️⃣ The "lethal trifecta" of AI agent danger, explained 🧠🤖0:25 – Scattered Spider targets the aviation industry1:38 – Help desk hacks: impersonation & real-world stories4:52 – Teleport vulnerability explained9:48 – AI’s “lethal trifecta” and why it matters#CloudSecurity #ScatteredSpider #AIThreats #HelpDeskAttacks #CryingOutCloud #CybersecurityPodcast

Jun 25, 2025 • 27min
Pyramid of Pain, PEAK, and Bagpipes with David Bianco
🎙️ New ep: David Bianco from Splunk with 🔥 insights from a lifetime of threat hunting.Eden Koby Naftali & Amitai Cohen sat down with David Bianco, creator of some of the most influential models in cyber detection.What they got into ⬇️1) How a threat intel milestone led to the Pyramid of Pain2) Why detection isn't just about indicators3) What good threat hunting teams actually do#CryingOutCloud #CyberSecurity #ThreatHunting #PyramidOfPain #DavidBianco #Splunk #Infosec #CloudSecurity #DetectionEngineering #BlueTeam #SecurityPodcast #SOC #ThreatIntel #IncidentResponse

May 29, 2025 • 26min
AI-powered Security, Shared Fate, and an Archery Lesson with Dr. Anton Chuvakin
Dr. Anton Chuvakin, a cloud security expert at Google and co-host of the Cloud Security Podcast, dives into the complexities of cybersecurity. He discusses the broken nature of Security Operations Centers, the real application of AI in security, and the challenges posed by cloud appliances. The conversation also touches on shared responsibility in security and reflects on the importance of effective communication with non-technical stakeholders. Plus, he light-heartedly shares his passion for archery, linking it to themes of vulnerability and critical thinking.

May 14, 2025 • 29min
UK Retail Breaches, SAP 0day, and CVE Troubles
🎙️ All you need to know from Ransomware to CVE Programs!☁️ Join Amitai Cohen and Eden Naftali as they break down the top stories in the cloud:- UK Retail Sector Hit by Ransomware (DragonForce & Scattered Spider)- SAP NetWeaver Vulnerability Exploited in the Wild- CVE Program Faces Major Backlog and Trust Issues

May 8, 2025 • 40min
Bug Bounty Secrets, Hacker Communities, and a Hit of Volleyball with Justin Gardner
🎙️ Listen to the biggest insights of bug bounty hunting with Justin Gardner 🚨In this episode, Amitai Cohen and Eden Naftali are joined by none other than Justin, renowned bug bounty hunter and host of the Creative Thinking podcast (ctbbpodcast).Justin unpacks some of today's 🔥 topics:- Bug bounty disclosure challenges & trends- Security stories from tech giants: lessons we can all learn- Messaging platform exploits & SSRF risks- Breaking into popular monitoring tools — HTTP pitfalls & key takeaways

Apr 9, 2025 • 29min
Quadruple Supply Chain Attack, IngressNightmare Exploited, and Rumors Abound
🎙️ All you need to know on the latest discoveries and updates ft. Rami McCarthy 🚨In this episode of Crying Out Cloud, @Amitai Cohen & @Eden Koby Naftali are joined by Rami — a Principal Security Researcher here at Wiz.Rami adds some energy and expertise to the table as we dive into a variety of topics:• GitHub Action supply chain attack • IngressNightmare updates. A follow-up to our last episode on this critical vulnerability.• Alleged Oracle breaches: Breaking down the latest rumors and insights.

Mar 25, 2025 • 22min
Ingress Nightmare: How a Single Request Could Take Over Your K8s Cluster
🎙️ All you need to know on our latest discovery #IngressNightmare 🚨In this episode of Crying Out Cloud, Amitai Cohen & Eden Koby Naftali are joined by Nir Ohfeld — Head of Vulnerability Research at Wiz. Nir and his team have uncovered some of the most impactful vulnerabilities affecting cloud and SaaS applications. In this episode, he's diving into the latest discovery, a critical vulnerability in Ingress-NGINX:• How the team uncovered a critical unauthenticated RCE in NGINX Ingress Controller• Why Kubernetes admission controllers might be the next big attack surface• The wild journey of hunting vulnerabilities in the cloud

Mar 5, 2025 • 22min
From Hotmail Hacks to AI hype, CTFs & Cloud Guardian: with Ashish Rajan
🎙 Ready for the latest on AI, cloud security, and Fortune 500 challenges?This week on our podcast Crying Out Cloud, we're joined by none other than Ashish Rajan— a seasoned cybersecurity leader and host of the AI Cybersecurity Podcast & Cloud Security Podcast.Amitai Cohen & Eden Koby Naftali dive into:- The evolution of AI & cloud security- Lessons from securing Fortune 500 & FTSE 100 companies- The biggest challenges (and laughs) in the industry