This podcast currently has no reviews.
Submit ReviewThis podcast currently has no reviews.
Submit ReviewAre you familiar with Sidecars in Kubernetes? We spoke to Magno Logan about the complex world of Kubernetes security and the silent but deadly vulnerabilities associated with sidecar containers. Magno shares his extensive research and insights on how attackers can exploit these vulnerabilities to stay hidden within a Kubernetes environment, posing significant threats beyond the commonly discussed crypto mining attacks. Magno spoke about common attack paths targeting Kubernetes clusters, from exploiting application vulnerabilities to leveraging exposed Kubernetes services and compromised valid accounts.
Guest Socials: Magno Logan
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(01:26) A bit about Magno Logan
(01:49) Kubernetes Common Threats Explained
(02:23) Kubernetes Cluster Attack Entry Points
(04:28) How attackers maintain persistent access in Kubernetes?
(05:30) Container Escape Explained
(07:03) Maintaining Persistence in Kubernetes Clusters
(08:18) What are Sidecars?
(10:43) How to secure your sidecars?
(12:33) Where can people learn more about this
(13:57) The Fun Section
Resources spoken about on the podcast
Navigating modern application security in a world of Cloud, DevSecOps and now AI is getting rather complex. We spoke to Idan Plotnik, who has 24 years of cybersecurity experience under his belt and is the Co-Founder of Apiiro about world of Application Security Posture Management (ASPM) and their relevance in both large and small organizations. Idan speaks about the challenges faced in managing vast quantities of repositories and tackles common misconceptions about ASPM, confirming that it's not intended to replace existing security pipelines.
Guest Socials: Idan Plotnik
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked: (00:00) Introduction (04:58) A bit about Idan Plotnik (05:56) Application Security tools explained (08:09) Why Application Security Orchestration Correlation (ASOC) didn't work? (09:14) Difference between Cloud Security and Application Security Tools (14:51) Why is there a growing need for Application Security Tools today? (19:07) Do Small to Medium size businesses need Application Security Tools? (21:46) Managing Cybersecurity Tools (26:08) API Security for Applications (30:29) Dealing with Regulatory Requirements in Cybersecurity (34:16) Evolving Goals in Application Security (35:49) Deciphering MTTR in Cybersecurity (37:54) The Fun Questions (39:37) Where you can connect with Idan?
We caught up with Troy Hunt and Scott Helme at NDC Security Oslo 2024 to talk about best practices when it come to decoding TLS, password security and data breaches in cloud and AI.
Troy Hunt, known for his work with haveibeenpwned.com, spoke to us about the complexities of cloud deployment and paradox of data input versus privacy risk in Large Language Models (LLMs), Cloud. Scott Helme, a security researcher and founder of securityheaders.com, spoke about the importance of early security training in the development lifecycle for applications built in 2024. We dissected the critical yet often overlooked aspects of cybersecurity in cloud and ai.
Guest Socials: Troy Hunt + Scott Helme
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(01:37) Evolving Landscape of Password Management
(04:17) Analyzing Data Breach Trends:
(05:48) Latest Security Protocols with TLS and Encryption
(08:24) Debating Encryption Key Management
(10:59) AI's Role in Data Breaches:
(13:59) Best Practices for Enterprise Password Management
(16:01) Best Practices for Password Management in Small to Medium Sized Businesses
(18:04) Top 5 security best practices
(19:58) Understanding Security Headers
(27:14) The Fun Section
What is a good multicloud strategy in 2024? We spoke to Vivek Menon, CISO for Digital Turbine about the maturity and security capabilities of major cloud service providers, AWS and GCP.
Vivek spoke about the journey from on-premise to multi-cloud landscapes, the strategic approaches to cloud security in 2024, and the unique challenges that teams face across different cloud platforms. Vivek shared his insights into IAM, misconfigurations, and the value of dedicated cloud-specific teams provide a roadmap for organizations aiming to enhance their cloud security posture.
Guest Socials: Vivek's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(01:58) A bit about Vivek Menon
(02:53) Transitioning from On-Premise to Multi-Cloud
(05:35) What is mobile ad tech?
(06:44) Why AWS and GCP?
(08:09) Challenges in Multi-Cloud Environments - The people piece
(09:37) Challenges in Multi-Cloud Environments - The process piece
(10:42) Managing identities in a MultiCloud Environment
(12:52) Managing Misconfigurations in a MultiCloud Environment
(13:58) Multi-Cloud Security- Build In-House or Buy Tools
(17:44) Starting Point for MultiCloud Policy
(18:54) AWS vs. Google Cloud: Comparing Cloud Security Maturity
(20:28) What makes security in Google Cloud stand out
(21:18) CISO Guide: Initiating a Cloud Security Strategy in 2024
(25:01) The Fun Section
(27:03) Where can you connect with Vivek
Dive into the world of AI and Kubernetes with Shopify's Shane Lawrence in this episode of the Cloud Security Podcast. Shane, shares his experience in the security team at Shopify and working on the intersection of AI, Large Language Models (LLMs), and Kubernetes security. Shopify is looking to pioneer the use of AI to streamline developer operations, enhance productivity, and bolster security measures in multi-tenant Kubernetes environments.
This episode will be valuable for you if you work in Kubernetes, Security and looking for how AI can build efficiency in your team.
Guest Socials: Shane's Linkedin (Shane's Linkedin)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction to AI and Kubernetes
(01:32) Shane Lawrence and Shopify's AI Journey
(02:21) AI and Developer Efficiency in Kubernetes
(04:39) AI-Driven Automation for Security
(06:34) Challenges of AI in Kubernetes Environment
(11:22) Case Studies for AI in Kubernetes
(13:43) The Future of Kubernetes and AI
(15:59) Learning and Experimenting with AI in Kubernetes
(17:49) Closing Thoughts and Fun Q&A
How can you build a robust cloud security program in AWS, particularly as a startup and small to medium-sized businesses navigating AWS in 2024? We spoke to Chris Farris, who is the event chair for fwd:cloudsec, a known cloud security expert and one of the first AWS Heroes for security.
Chris shared his insights on how to build a security strategy that is both practical and effective in today's dynamic cloud environment. From discussing the importance of AWS organizations and Identity Centre to breaking down the complexities of cloud security posture management. You will hear actionable advice and best practices.
Guest Socials: Chris's Linkedin (@chrisfarris)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions Asked:
(00:00) Introduction
(02:59) A bit about Chris Farris
(03:30) fwd:cloudsec Conference
(04:19) AWS Hero program for Cloud Security
(05:23) Building Effective Cloud Security Programs
(11:39) Top Recommendations for AWS Cloud Security
(13:34) What is AWS IAM Identity Center?
(18:02) How to Set Up AWS IAM Identity Center?
(20:13) Cloud Security in different industries
(29:31) The role of a Cloud Security Engineer
(34:30) Cloud Security Breaches
(38:02) Educational Resources in Cloud Security
(42:41) The Fun Section
Resources spoken about in this episode: fwd:cloudsec AWS IAM Identity Center Leveraging AWS SSO (aka Identity Center) with Google Workspaces breaches.cloud
Is Offensive Security part of your 2024 Security Roadmap? We caught up with Sam Kirkman, Director at NetSPI EMEA at BlackHat Europe 2023 about what an Offensive Security Roadmap going into 2024 should look like. Offensive security is much more than pentesting. We spoke about how to build a capable team, different maturity stages of building such a program and resources you can lean on while you are on this journey across different industries.
Guest Socials: Sam's Linkedin (@sam-kirkman-cybersecurity)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(02:53)A bit about Sam Kirkman
(03:53) What is offensive security?
(04:52) The attack landscape
(07:34) Offensive Security Roadmap
(09:43) Components of Offensive Security Roadmap
(11:04) Whats a good starting point?
(12:55) Skillsets required in the team
(16:57) Different stages of maturity
(19:09) Where can people learn more about this?
(22:03) Where you can connect with Sam
Cloud Security environments looks very complex in 2023, and it will continue to evolve in 2024 now with AI. At AWS re:Invent 2023 this year, we sat down with Alex Jauch, Senior Director of Product Management at Outshift to talk about the complexities in Cloud Security, the role of GenAI and what can be items to consider for your 2024 Cloud Security Program.
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions Asked: (00:00) Introduction (01:34) A bit about Alex (02:02) Current Cloud Security Landscape (04:43) The cloud security acronyms (08:44) Dealing with complex infrastructure (12:31) Impact of GenAI on Security (15:26) Do you have GenAi in Production? (16:55) We are all one team! (19:04) 2024 Security Program (20:39) Whats not being spoken about? (22:11) The fun section (26:00) Where you can connect with Alex!
Kubernetes is shaping the future of cloud native technology with interest from security folks, businesses and developers - what does the future of Kubernetes Security look like? At Kubecon NA 2023, we spoke to Emily Fox who is the chair of CNCF's Technical Oversight Committee and Software Engineering Lead at RedHat about how Zero Trust plays out in the Kubernetes environment, challenges and solutions in securing the software supply chain within Kubernetes, the impact of AI workloads on Kubernetes and future of Edge Computing and Kubernetes.
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions Asked: (00:00) Introduction (02:23) A bit about Emily (02:51) What is Supply Chain Security? (03:51) What triggered this conversation? (05:10) Supply Chain Security in Managed Kubernetes (06:07) What is Zero Trust? (07:24) Implementing Zero Trust (09:29) The role of Security and Compliance (11:13) Compliance as code in Kubernetes (13:22) What is Edge? (17:41) The impact of AI on Security (20:39) Detection for AI and Kubernetes (22:29) How are the skillsets changing? (25:00) Security for Open Source Projects (28:01) The fun section
Kubernetes security explained : We spoke to Cailyn Edwards, CNCF Ambassador and Senior Security Engineer at Shopify. Interview was recorded at Kubecon NA 2023. We asked her about the complexities of Kubernetes Network Security in a multi-tenant environment. During the interview, she shared the nuances of Kubernetes network security in multi-tenant setups, tools and tactics for securing Kubernetes environments, insights from her journey at Shopify and tips for advancing the security maturity of Kubernetes networks.
Thank you to our episode sponsor Vanta - You can check them out at vanta.com/cloud
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction (02:25) A bit about Cailyn (03:08) How is Kubernetes Networking different? (04:20) Foundational pieces of Kubernetes Networking (06:21) Whats missing in Kubernetes Networking? (07:47) What is Multi Tenancy? (10:20) What are some of the common threat models? (13:16) How are people responding to threats? (14:41) Where to start learning about this? (16:26) Best practices for Kubernetes Networking (18:16) What becomes more important with maturity? (21:14) Resources to learn more about Kubernetes Security (22:30) The Fun Section
Resources shared during the episode:
Kubernetes Security Checklist - https://kubernetes.io/docs/concepts/security/security-checklist/
Pentesting your own cluster with Liz Rice - https://www.youtube.com/watch?v=fVqCAUJiIn0
This podcast could use a review! Have anything to say about it? Share your thoughts using the button below.
Submit Review