Cloud Security Podcast

🚨 The Most Imporant Skill in Incident Response? 🚨 When you think of incident response, what comes to mind? Forensics, firewalls, deep technical investigations? Sure. But there’s one skillset that often gets overlooked—and it's critical: COMMUNICATION 🗣️ - Incident responders are not just tech wizards. They’re coordinators, communicators, and negotiators. - Whether they’re talking with engineers in the trenches or briefing senior leadership (yes, even the CEO 👨💼👩💼), clear, calm communication makes or breaks a response. - Beyond communication, there's so much more that makes an incident responder exceptional: Forensics 🖥️: Both endpoint and network forensics to track how the breach happened. Data Analysis 📊: Sifting through mountains of data to find that key signal in the noise. If you are interested in incident response, this episode with ⚫ Santiago Gutiérrez from Canva is a great listen. We have linked the full episode in the comments below ! #cloudsecurity #incidentresponse #cybersecurity

🎙️Where do you start? 🧐 in Cloud Security? A question we get quite often from our community and we thought its best to pose it to some of best minds in Cloud Security - Rich Mogull, Chris Farris, Marguerite (Meg) Ashby, Ammar Alim, Patrick Sanders, Abdie Mohamed, Damien Burks and Ashish Rajan 🤴🏾🧔🏾♂️. Whether you are new to Cloud Security and working on the latest and greatest, this panel made for a great episode - we have linked the full episode in the comments below! #cloudsecurity #cybersecurity #cloudsecuritycareers

🕵🏻♀️ What is Cloud Security Research? And what's its role in Cloud Security? In this week edition of the Cloud Security Newsletter, along with insights from our guests  Scott Piper, Principal Cloud Security Researcher at Wiz, Christophe Tafani-Dereeper and Nick Frichette, Staff Cloud Security Researchers at Datadog, Kat Traxler, Principle Security Researcher at Vectra AI and Rodrigo Montoro, Chief Research & Innovation Officer at Clavis Segurança da Informação , we dig into this world of Cloud Security Research and the value it brings to the Cloud Security ecosystem. If you do prefer to see this newsletter in your inbox, we have dropped the link for you to subscribe to it! #cloudsecurity #cloudsecurityresearch

🚀 Making the move... from Network Security to Cloud Security? Moving from network security to the cloud can feel like stepping into uncharted territory—everything you know about securing networks is still relevant, but the landscape has shifted. 🌐 We spoke to Brian McHenry, Global Head of Cloud Security Engineering Check Point Software about this shift and more! - Your skills matter! Networking expertise is always valuable - 🌩️ Clouds are not the same! AWS, Azure, and GCP each have unique infrastructures. What works for one, won’t necessarily work for the others. - 🛠️ Certifications can be a start - If your company is all-in on AWS, for instance, learning the ins and outs of their networking systems is crucial. - 💡 Nuances everywhere. From high availability to load balancing, expect differences at every turn. If you want to get into this evolving world of network security and cloud security, this would be a valuable listen, we have linked the full episode in the comments below! #cloudsecurity #networksecurity #cnapp

In this episode Ashish Rajan sits down with Shashwat Sehgal, co-founder and CEO of P0 Security, to talk about the complexities of cloud identity lifecycle management. Shashwat spoke to us about why traditional identity solutions like SAML are no longer sufficient in today’s cloud environments. He discusses the need for organisations to adopt a more holistic approach to secure access across cloud infrastructures, addressing everything from managing IAM roles to gaining complete visibility and inventory of all cloud identities. This episode goes into the growing challenges around managing human and non-human identities, and the importance of shifting from legacy solutions to cloud-native governance. #cloudsecurity #cloudidentity #identityandaccessmanagement

How has detection and response evolved over the years in Cloud Security? Maybe gotten more complicated? with Kubernetes, containers, serverless, and even AI. 🤖 We spoke to Warwick Webb, VP of MDR at SentinelOne and Adriana Corona, Director of Product Management AI about this - Security teams are facing increasing complexity as new technologies emerge - With on-prem detection expertise already stretched thin, cloud expertise for detection and response is becoming even more specialized—and even harder to find. - Building a 24x7 internal security team? Not just hard—nearly impossible for most organizations. If you are interested in how the Detection and Response space is evolving in the age of complex cloud security and AI, you would find this episode valuable, we have linked it in the comments below! #cloudsecurity #aicybersecurity #detectionandresponse

In this episode of the Cloud Security Podcast, Ashish sat down with Artyom Poghosyan, CEO and co-founder of Britive, to explore the changing world of identity and access management (IAM) in the cloud era. With over two decades of experience in the identity space, Art breaks down the challenges of traditional Privileged Access Management (PAM) and how cloud-native environments require a rethinking of security strategies. From understanding the complexities of cloud infrastructure entitlements to unpacking the differences between on-premise and cloud-based PAM, Art explains why "Identity is the new perimeter" and how modern organizations must adapt. They dive deep into the importance of Just-in-Time (JIT) access, non-human identities, and the critical role identity plays as the first and last line of defense in cloud security. #cloudsecurity #identityandaccessmanagement

Why does Cloud Security Research matter in 2024? At fwd:cloudsec EU in Brussels, we sat down with Scott Piper, a renowned cloud security researcher at Wiz, to discuss the growing importance of cloud security research and its real-world impact. Scott spoke to us about the critical differences between traditional security testing and cloud security research, explaining how his team investigates cloud providers to find out vulnerabilities, improve detection tools, and safeguard data. #cloudsecurity #cloudsecurityresearch #fwddcloudseceu fwd:cloudsec

🔐 Edge Security in the Cloud: Is it the Shield We Can’t Ignore 🌍☁️ Cloud security isn’t what it used to be. We’ve shifted, evolved, and now... edge security is becoming the conversation. But what is edge security, really? 🤔 You're managing workloads across multiple clouds—AWS, Azure, GCP—and maybe even an on-prem environment. The native tools that each provider offers? They’re solid, but not always advanced enough. Each one has its own quirks, its own limitations. Enter Edge Security—your network firewall, DDoS protector, web application firewall—all working to secure the boundary, the "edge," of your cloud environment. If you are interested in edge security in the cloud world, then this is a good episode for you where we spoke to Brian from Check Point Software, we have linked the full episode in the comments below! #CloudSecurity #EdgeSecurity #MultiCloud #CyberSecurity #DevSecOps

We are heading to #Hashiconf in Boston! Yes, you heard that right! With all the conversations we have been having about IaC security, CICD and DevSecOps, we wanted to dig a bit deeper into this world. & as usual we have some fun things planned! Also there is a great lineup of security speakers, we are looking forward to hearing from: Jeremy Myers, Blake Garner, Anthony Ralston, Maksim Frenkel, Miznan Rahman, James Bayer, Cole Morrison to name a few. You can check out the schedule in the link below and if you are attending, definitely come say hello to us! See you there HashiCorp #terraform #cloudsecurity