Crying Out Cloud

Wiz
undefined
Aug 1, 2025 • 29min

Adversary Emulation, Cyber Education & Community Building with Day Johnson

🚨 How do you build a 4,000+ strong student-tech community from scratch?Eden Naftali and Amitai sat down with Day Johnson, Security Engineer at  @amazon  , ex-Datadog, founder of CyberWox Academy.What they covered 👇- Detection engineering that works at scale- What breaks IR processes (and how to fix them)- Real talk on breaking into security without shortcutsAlso: why being the "tech kid" in your neighborhood might just launch your whole career.
undefined
Jul 15, 2025 • 40min

Live Talk: Security Minds from Riot Games, Microsoft & Wiz

- 💡 From cloud chaos to career confessions: live with security minds from RiotGames & Microsoft.Eden Naftali went live, and got personal, with 3 leaders shaping the future of cloud and cybersecurity:- Nicole Dove, Head of Security Engineering at @Riot Games- Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft- Alon Schindel, VP of AI & Threat Research at WizWhat they unpacked? 👇The heart of threat intel, building trust over tools, and how hobbies reflect how they lead.This Crying Out Cloud episode from RSA just hits different.⏱ Chapters00:05:02 – What it means to be a threat intelligence leader00:10:08 – How threat intelligence should really look00:15:48 – Skirting the tough questions in cybersecurity00:21:07 – Working with third-party vendors in the cloud00:26:17 – What the security industry is getting wrong00:31:20 – The special skill of deep research00:36:20 – A real-world story about leading with trust#CyberSecurity #CloudSecurity #ThreatIntelligence #Infosec #CloudComputing
undefined
Jul 9, 2025 • 18min

AI Double Agents to Blame, Scattered Spider Pivots to Planes

🎙️ Scattered Spider's new target? Airlines.Eden Koby Naftali & Amitai Cohen break down the latest in the cloud:1️⃣ A connectivity tool vuln & Open WebUI misconfig putting orgs at risk2️⃣ Why attackers are still tricking help desks (and how!)3️⃣ The "lethal trifecta" of AI agent danger, explained 🧠🤖0:25 – Scattered Spider targets the aviation industry1:38 – Help desk hacks: impersonation & real-world stories4:52 – Teleport vulnerability explained9:48 – AI’s “lethal trifecta” and why it matters#CloudSecurity #ScatteredSpider #AIThreats #HelpDeskAttacks #CryingOutCloud #CybersecurityPodcast
undefined
Jun 25, 2025 • 27min

Pyramid of Pain, PEAK, and Bagpipes with David Bianco

🎙️ New ep: David Bianco from Splunk with 🔥 insights from a lifetime of threat hunting.Eden Koby Naftali & Amitai Cohen sat down with David Bianco, creator of some of the most influential models in cyber detection.What they got into ⬇️1) How a threat intel milestone led to the Pyramid of Pain2) Why detection isn't just about indicators3) What good threat hunting teams actually do#CryingOutCloud #CyberSecurity #ThreatHunting #PyramidOfPain #DavidBianco #Splunk #Infosec #CloudSecurity #DetectionEngineering #BlueTeam #SecurityPodcast #SOC #ThreatIntel #IncidentResponse
undefined
May 29, 2025 • 26min

AI-powered Security, Shared Fate, and an Archery Lesson with Dr. Anton Chuvakin

Dr. Anton Chuvakin, a cloud security expert at Google and co-host of the Cloud Security Podcast, dives into the complexities of cybersecurity. He discusses the broken nature of Security Operations Centers, the real application of AI in security, and the challenges posed by cloud appliances. The conversation also touches on shared responsibility in security and reflects on the importance of effective communication with non-technical stakeholders. Plus, he light-heartedly shares his passion for archery, linking it to themes of vulnerability and critical thinking.
undefined
May 14, 2025 • 29min

UK Retail Breaches, SAP 0day, and CVE Troubles

🎙️ All you need to know from Ransomware to CVE Programs!☁️ Join Amitai Cohen and Eden Naftali as they break down the top stories in the cloud:- UK Retail Sector Hit by Ransomware (DragonForce & Scattered Spider)- SAP NetWeaver Vulnerability Exploited in the Wild- CVE Program Faces Major Backlog and Trust Issues
undefined
May 8, 2025 • 40min

Bug Bounty Secrets, Hacker Communities, and a Hit of Volleyball with Justin Gardner

🎙️ Listen to the biggest insights of bug bounty hunting with Justin Gardner 🚨In this episode, Amitai Cohen and Eden Naftali are joined by none other than Justin, renowned bug bounty hunter and host of the Creative Thinking podcast (ctbbpodcast).Justin unpacks some of today's 🔥 topics:- Bug bounty disclosure challenges & trends- Security stories from tech giants: lessons we can all learn- Messaging platform exploits & SSRF risks- Breaking into popular monitoring tools — HTTP pitfalls & key takeaways
undefined
Apr 9, 2025 • 29min

Quadruple Supply Chain Attack, IngressNightmare Exploited, and Rumors Abound

🎙️ All you need to know on the latest discoveries and updates ft. Rami McCarthy 🚨In this episode of Crying Out Cloud, @Amitai Cohen & @Eden Koby Naftali are joined by Rami — a Principal Security Researcher here at Wiz.Rami adds some energy and expertise to the table as we dive into a variety of topics:• GitHub Action supply chain attack • IngressNightmare updates. A follow-up to our last episode on this critical vulnerability.• Alleged Oracle breaches: Breaking down the latest rumors and insights.
undefined
Mar 25, 2025 • 22min

Ingress Nightmare: How a Single Request Could Take Over Your K8s Cluster

🎙️ All you need to know on our latest discovery #IngressNightmare 🚨In this episode of Crying Out Cloud, Amitai Cohen & Eden Koby Naftali are joined by Nir Ohfeld — Head of Vulnerability Research at Wiz. Nir and his team have uncovered some of the most impactful vulnerabilities affecting cloud and SaaS applications. In this episode, he's diving into the latest discovery, a critical vulnerability in Ingress-NGINX:• How the team uncovered a critical unauthenticated RCE in NGINX Ingress Controller• Why Kubernetes admission controllers might be the next big attack surface• The wild journey of hunting vulnerabilities in the cloud
undefined
Mar 5, 2025 • 22min

From Hotmail Hacks to AI hype, CTFs & Cloud Guardian: with Ashish Rajan

🎙 Ready for the latest on AI, cloud security, and Fortune 500 challenges?This week on our podcast Crying Out Cloud, we're joined by none other than Ashish Rajan— a seasoned cybersecurity leader and host of the AI Cybersecurity Podcast & Cloud Security Podcast.Amitai Cohen & Eden Koby Naftali dive into:- The evolution of AI & cloud security- Lessons from securing Fortune 500 & FTSE 100 companies- The biggest challenges (and laughs) in the industry

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!
App store bannerPlay store banner
Get the app