Crying Out Cloud

🔐 Erik Bloch on his path from military hacker to Illumio security leader.Eden Naftali and Amitai sat down with Erik Bloch & here's what they covered 👇How starting in the military shaped Erik's approach to securityBuilding and scaling cloud detection & response teamsConverting security metrics into actionable business KPIs

🚨 How do you build a 4,000+ strong student-tech community from scratch?Eden Naftali and Amitai sat down with Day Johnson, Security Engineer at  @amazon  , ex-Datadog, founder of CyberWox Academy.What they covered 👇- Detection engineering that works at scale- What breaks IR processes (and how to fix them)- Real talk on breaking into security without shortcutsAlso: why being the "tech kid" in your neighborhood might just launch your whole career.

- 💡 From cloud chaos to career confessions: live with security minds from RiotGames & Microsoft.Eden Naftali went live, and got personal, with 3 leaders shaping the future of cloud and cybersecurity:- Nicole Dove, Head of Security Engineering at @Riot Games- Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft- Alon Schindel, VP of AI & Threat Research at WizWhat they unpacked? 👇The heart of threat intel, building trust over tools, and how hobbies reflect how they lead.This Crying Out Cloud episode from RSA just hits different.⏱ Chapters00:05:02 – What it means to be a threat intelligence leader00:10:08 – How threat intelligence should really look00:15:48 – Skirting the tough questions in cybersecurity00:21:07 – Working with third-party vendors in the cloud00:26:17 – What the security industry is getting wrong00:31:20 – The special skill of deep research00:36:20 – A real-world story about leading with trust#CyberSecurity #CloudSecurity #ThreatIntelligence #Infosec #CloudComputing

🎙️ Scattered Spider's new target? Airlines.Eden Koby Naftali & Amitai Cohen break down the latest in the cloud:1️⃣ A connectivity tool vuln & Open WebUI misconfig putting orgs at risk2️⃣ Why attackers are still tricking help desks (and how!)3️⃣ The "lethal trifecta" of AI agent danger, explained 🧠🤖0:25 – Scattered Spider targets the aviation industry1:38 – Help desk hacks: impersonation & real-world stories4:52 – Teleport vulnerability explained9:48 – AI’s “lethal trifecta” and why it matters#CloudSecurity #ScatteredSpider #AIThreats #HelpDeskAttacks #CryingOutCloud #CybersecurityPodcast

🎙️ New ep: David Bianco from Splunk with 🔥 insights from a lifetime of threat hunting.Eden Koby Naftali & Amitai Cohen sat down with David Bianco, creator of some of the most influential models in cyber detection.What they got into ⬇️1) How a threat intel milestone led to the Pyramid of Pain2) Why detection isn't just about indicators3) What good threat hunting teams actually do#CryingOutCloud #CyberSecurity #ThreatHunting #PyramidOfPain #DavidBianco #Splunk #Infosec #CloudSecurity #DetectionEngineering #BlueTeam #SecurityPodcast #SOC #ThreatIntel #IncidentResponse

Dr. Anton Chuvakin, a cloud security expert at Google and co-host of the Cloud Security Podcast, dives into the complexities of cybersecurity. He discusses the broken nature of Security Operations Centers, the real application of AI in security, and the challenges posed by cloud appliances. The conversation also touches on shared responsibility in security and reflects on the importance of effective communication with non-technical stakeholders. Plus, he light-heartedly shares his passion for archery, linking it to themes of vulnerability and critical thinking.

🎙️ All you need to know from Ransomware to CVE Programs!☁️ Join Amitai Cohen and Eden Naftali as they break down the top stories in the cloud:- UK Retail Sector Hit by Ransomware (DragonForce & Scattered Spider)- SAP NetWeaver Vulnerability Exploited in the Wild- CVE Program Faces Major Backlog and Trust Issues

🎙️ Listen to the biggest insights of bug bounty hunting with Justin Gardner 🚨In this episode, Amitai Cohen and Eden Naftali are joined by none other than Justin, renowned bug bounty hunter and host of the Creative Thinking podcast (ctbbpodcast).Justin unpacks some of today's 🔥 topics:- Bug bounty disclosure challenges & trends- Security stories from tech giants: lessons we can all learn- Messaging platform exploits & SSRF risks- Breaking into popular monitoring tools — HTTP pitfalls & key takeaways

🎙️ All you need to know on the latest discoveries and updates ft. Rami McCarthy 🚨In this episode of Crying Out Cloud, @Amitai Cohen & @Eden Koby Naftali are joined by Rami — a Principal Security Researcher here at Wiz.Rami adds some energy and expertise to the table as we dive into a variety of topics:• GitHub Action supply chain attack • IngressNightmare updates. A follow-up to our last episode on this critical vulnerability.• Alleged Oracle breaches: Breaking down the latest rumors and insights.

🎙️ All you need to know on our latest discovery #IngressNightmare 🚨In this episode of Crying Out Cloud, Amitai Cohen & Eden Koby Naftali are joined by Nir Ohfeld — Head of Vulnerability Research at Wiz. Nir and his team have uncovered some of the most impactful vulnerabilities affecting cloud and SaaS applications. In this episode, he's diving into the latest discovery, a critical vulnerability in Ingress-NGINX:• How the team uncovered a critical unauthenticated RCE in NGINX Ingress Controller• Why Kubernetes admission controllers might be the next big attack surface• The wild journey of hunting vulnerabilities in the cloud