Cloud Security Podcast

🐝 How is SE Linux different from eBPF? 🐝 We spoke to Liz Rice, Chief Open Source Officer at Isovalent about why eBPF is different? 🔍 SE Linux: Rigid, hard-coded interface within the kernel. Limited in flexibility and adaptability. Utilizes the Linux Security Module Interface for predefined policies. 💡 eBPF: Leverages the same Linux Security Module Interface, but with a twist! Allows for custom, bespoke policies. Enables contextual decision-making for dynamic security responses. Empowers you to write your own code or use existing tools for flexible policy management. Why should you care? 🤔 - Innovation in Security: eBPF can provide platform for much more creative and dynamic security solutions, adapting to the ever-evolving threat landscape. - Custom Solutions: Move beyond one-size-fits-all security approaches and tailor your defenses to your specific needs. - Future-Proofing: understanding the potential of eBPF in enhancing your cloud security posture. If eBPF is on your mind in 2024 then this episode is a great listen with Liz, who has literally written the book on eBPF. We have linked the episode in the comments below #cloudsecurity #ebpf #kubernetessecurity

🌟 How AI is changing DevSecOps? ⭐ We spoke to Michael Hanley, CSO & SVP, Engineering at GitHub about the the integration of AI in DevSecOps. 🔹 Shifting Left with AI: Traditionally, security has often been an afterthought, resulting in late feedback and context switching for developers. But AI could be changing the game by integrating security seamlessly into the development process, providing real-time feedback and reducing the need for constant oversight. 🔹 Empowering Developers: Imagine having a virtual security expert available 24/7! With natural language interfaces like ChatGPT or Copilot chat, developers can now ask questions and receive immediate, trustworthy guidance. This removes the intimidation factor and fosters a more inclusive, security-conscious development environment. 🔹 Enhanced Developer Experience: No more waiting for ticket resolutions that take days. AI tools can make the process faster, more efficient, and more developer-friendly. It’s about boosting productivity without compromising on security. 🔹 Real-world Caution: While AI offers significant advantages, it's crucial to remember that it’s not a ‘set it and forget it’ solution. Think of it as a powerful co-pilot, not a fully autonomous driver. Continuous vigilance and traditional security practices remain essential. 🔹 Better Results with AI: The integration of AI doesn’t just streamline processes; it enhances overall code quality and security. By adopting AI technologies, teams can expect improved results and reduced workloads. Michael shared a lot of great insights in this episode and if you are interested in how GitHub is looking at AI, this is one episode you can check out. We have linked the full episode in the comments below! #aisecurity #githubcopilot #cloudsecurity

🚀 How can we Unlock Business Success with Cybersecurity! 🚀 We had the pleasure of speaking to Fredrick Lee, CISO Reddit, Inc. about the role of a Modern CISO. - Reframe Your Approach to Risk: Evaluate your organization's risk tolerance and identify areas where taking risks can lead to significant business opportunities. - Leverage AI for Security: Start exploring AI tools that can help automate and improve your security processes, making your team more effective. - Prioritize Privacy: Implement privacy-by-design principles to build trust with your users and stay ahead of regulatory demands. Flee had some great insights which really made this episode a great one to listen to. We have linked the full episode in the comments below! #ciso #cybersecurityleadership #aisecurity

Is having a CSPM enough for Cloud Security? At RSA Conference 2024, Ashish sat down with returning guest Jimmy Mesta 🤙, Co-Founder and CTO of RAD Security to talk about the complexities of Kubernetes security and why sometimes traditional Cloud Security Posture Management (CSPM) falls short in a Kubernetes-centric world. We speak about the significance of behavioural baselining, the limitations of signature-based detection, the role of tools like eBPF in enhancing real-time security measures and the importance of proactive security measures and the need for a paradigm shift from reactive alert-based systems to a more silent and efficient operational model. #rsac2024 #cloudnativesecurity #kubernetessecurity

🌩️ Cloud Ransomware: A New Era of Cyber Threats 🌩️ How are Ransomware different in the cloud environment? Ashish spoke to Rich Mogull & Chris Farris about this on one of our recent episodes. 🔍 Different Game, Different Rules: Cloud ransomware isn't the NotPetya or Maersk type. No more hunting down offline servers. Instead, they might delete your data or download it and demand crypto to get it back. Sometimes, they bluff about having your data. 🗂️ Data Trails Matter: AWS has highlighted the importance of data trails. Without them, you won't know if the attackers actually have your data. 🔑 Key Deletion Tactics: There's a twist! Attackers threatening to delete your keys? AWS has a seven-day hold on key deletion, meaning you can easily recover your key and thwart the attack. 🤔 Laziness as a Strategy: Turns out, attackers can be just as lazy as anyone else, often taking the path of least resistance. This was a great episode where we explored the challenges and realities of Cloud Security in 2024, we have linked the full episode in the comments below #cloudsecurity #cloudsecuritycareers #threatmodel

🤖 AI is here and its here to stay, but how will it change cybersecurity? 🛡 We spoke to Amol Mathur, SVP & GM Prisma Cloud by Palo Alto Networks AI's role in cybersecurity through three critical dimensions: 🔍 Securing with AI: Imagine a world where threats are detected with unparalleled precision, enabling swift and effective incident response. AI can make this a reality, enhancing threat detection capabilities exponentially. 🛡️ Securing the AI: As generative AI applications proliferate, visibility and posture management become even more important. How do we safeguard these AI systems? How do we detect evolving attacks in real-time? This is the reality of securing our AI-driven future. 🔧 Simplifying Cybersecurity with AI: Generative AI shines here, simplifying complex cybersecurity tasks. From guided investigations and assistive remediation to summarization and multi-language query capabilities, AI can be an invaluable partner in achieving extraordinary outcomes. If AI in Cybersecurity and Cloud Security is of interest to you, definitely do check out this episode that we have linked for you in the comments below, you may also like our sister podcast AI CyberSecurity Podcast where we are breaking down the signal from the noise in the AI Cybersecurity space Palo Alto Networks #aicybersecurity #aisecurity #cloudsecurity

☸️ What does DevSecOps in the world of Kubernetes look like? ☸️ ⚙ Holistic Security for the Application Lifecycle: From deployment to production, use golden images and pathways to maintain full control and security. 🛡️ ⚙ Advanced Security Practices: Integrating SAST, DAST, and secrets management can streamline your security processes. 🔍 ⚙ Ecosystem Complexity: Understand the challenges of securing service-oriented architectures and the cognitive load on developers. 🤯 ⚙ Centralized Remediation: Explore strategies to centralize security within teams to effectively remediate issues without overwhelming developers. 🤝 ⚙ Power of Kubernetes: Kubernetes can help create immutable applications and provide the resilience needed to handle attacks. 💪 ⚙ Quick Recovery Strategies: Importance of mean time to recovery and how to achieve it with a robust, state-consolidated approach. ⏱️ We spoke to Sarah Polan, Field CTO EMEA for HashiCorp at Kubecon EU to talk about all things DevSecOps in the land of Kubernetes and Cloud Native, if these topics are of interest to you, definitely check out the full episode that we have linked in the comments below #cloudnativesecurity #kubernetesecurity #cloudsecurity

How has DevSecOps matured over the years? Can AI help with developer security? Ashish sat down with David DeSanto, Chief Product Officer at GitLab, at the RSA Conference to talk about how #DevSecOps has advanced through the year, the practical applications of AI in security, the reduction of false positives, and the importance of fostering a collaborative culture between development and security teams. #aisecurity #rsac2024

❗️💬 "It's a matter of maturity." The journey to the cloud begins with ensuring your posture is correct. The evolution of the CSPM industry reflects this priority. But what happens next? 🤔 📈 As your cloud presence grows and your business becomes increasingly reliant on cloud operations, it's time to face an inevitable truth: Cyber attacks often are not a question of if, but when. How prepared are you to detect and respond to these threats? We spoke to Ariel Parnes, Co-Founder Mitiga about this and lot more! 🛑 Transitioning to the Cloud: Ensuring your initial posture and the role of CSPM. Maturity in Cloud Operations: Recognizing when your business relies on cloud operationally and the importance of crown jewels in the cloud. 🛑 Detection and Response: Moving beyond prevention to a comprehensive strategy that includes detection and response capabilities. 🛑 The Role of a Security Data Lake: How it fits into your overall security strategy. Full episode linked in the comments below #cloudsecurity #incidentresponse #cloudcomputing

🛠️ Building a Cloud Security Program on AWS?⚔️ Here are some insights that might help from our chat with Mark Terenzoni, GM, Security Services at Amazon Web Services (AWS). - Initial Cloud Migration Challenges: Many organizations start their cloud journey without integrating security, only to realize later the critical need to backtrack and secure their environment. 🤔💭 - Speed vs. Security: The cloud enables teams to move faster, but this speed can be a double-edged sword if security isn't part of the initial migration plan. ⚡🔒 - Preventative Measures: Starting with preventative security measures can save you from future headaches. Establishing controls up front based on your security requirements can solve many problems before they arise. 🛡️🛠️ - Monitoring and Maintenance: Even with strong preventative measures, continuous monitoring is essential. A balanced approach ensures fewer issues in your cloud environment. 👀✅ If you are working with AWS, this conversation would be a good listen, we have linked the full episode in the comments below! #cloudsecurity #cloudsecurityprogram #awssecurity