Cloud Security Podcast Cloud Security
-
- Technology
-
Learn Cloud Security in Public Cloud the unbiased way from CyberSecurity Experts solving challenges at Cloud Scale. We can be honest because we are not owned by Cloud Service Provider like AWS, Azure or Google Cloud.
We aim to make the community learn Cloud Security through community stories from small - Large organisations solving multi-cloud challenges to diving into specific topics of Cloud Security.
We LIVE STREAM interviews on Cloud Security Topics every weekend on Linkedin, YouTube, Facebook and Twitter with over 150 people watching and asking questions and interacting with the Guest.
-
How is Kubernetes Network Security Evolving?
How is eBPF impacting Kubernetes Network Security? In this episode, recorded LIVE at Kubecon EU Paris 2024, Liz Rice, Chief Open Source Officer at Isovalent took us through the technical nuances of eBPF and its role in enabling dynamic, efficient network policies that go beyond traditional security measures. She also discusses Tetragon, the new subproject under Cilium, designed to enhance runtime security with deeper forensic capabilities. A great conversation for anyone involved in Kubernetes workload management, offering a peek into the future of cloud-native technologies and the evolving landscape of network security.
Guest Socials: Liz's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(01:46) A bit about Liz Rice
(02:11) What is eBPF and Cilium?
(03:24) SC Linux vs eBPF
(04:11) Business use case for Cilium
(06:37) Cilium vs Cloud Managed Services
(08:51) Why was there a need for Tetragon?
(11:20) Business use case for Tetragon
(11:32) Projects related to Multi-Cluster Deployment
(12:45) Where can you learn more about eBPF and Tetragon
(13:50) Hot Topics from Kubecon EU 2024
(15:07) The Fun Section
(15:35) How has Kubecon changed over the years?
Resources spoken about during the interview:
Cilium
Tetragon
eBPF -
The Future of Software Development with AI
How can we leverage AI for more secure and efficient code and how will it impact devsecops? Ashish spoke to Michael Hanley, CSO and SVP of Engineering at GitHub, about the transformative impact of GitHub Copilot and AI on software development and security. Michael speaks about GitHub's internal use of Copilot for over three years and its role in enhancing developer satisfaction and productivity by removing mundane coding tasks. They speak about the broader implications for DevSecOps, the future of AI in coding, and strategic tips for integrating AI tools within organizations.
Guest Socials: Michael's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(02:19) A bit about Michael Hanley
(04:25) Making Security Easy for Developers
(07:17) What is GitHub Copilot?
(10:01) Whats the Future of AI for Security and Developers?
(13:36) Security Recommendations for using AI
(16:35) How is data stored in GitHub Copilot?
(17:40) How is AI impacting DevSecOps?
(21:50) The balance between Security and Innovation
(24:18) The evolution of education with AI
(27:30) Strategic Approach for CISOs implementing AI Pair Programmers
(30:08) Bridging the gap between Security and Engineering
(34:37) The Fun Questions
Resources spoken about during the episode:
https://resources.github.com/copilot-trust-center/https://www.github.careers/careers-home -
The role of Real Time Defense in Cloud Security
In this episode from KubeCon Paris 2024, we spoke to Loris Degioanni, Co-Founder and CTO of Sysdig about Open Source Project, Falco that celebrated its graduation this year at KubeconEU, Loris shared with us this proud moment and journey from writing the 1st lines of code to its critical role in protecting Kubernetes environments, and the future roadmap post-graduation. We spoke about the gap between traditional security measures and the dynamic needs of modern infrastructures.
Guest Socials: Loris's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
00:00 Introduction
01:13 A bit about Loris
01:44 What does graduation mean for Falco?
02:58 What is Falco?
04:59 eBPF and Falco
06:01 Why eBPF is secure?
07:11 Runtime Security in Kubernetes
10:32 ROI for leaders for Runtime Security Tools
12:50 Preventative Security vs Runtime Security
14:08 Runtime Security in Modern Environments
16:42 Whats the Future for Falco?
18:31 The Fun Questions -
CISO's guide to embracing risk in business
What is it like to build a successful business based on risk? In this episode Ashish spoke to Fredrick Lee, CISO at Reddit. FLee shared his deep insights into the essential role of risk in driving business success and innovation. With a career that spans across notable tech giants like Square (now Block), Twilio, and Gusto, Lee brings a wealth of experience in both hardware and software security landscapes. Without embracing risk, businesses risk stagnation in a world where competitors are always ready to innovate. From discussing the cost-effective strategies in cybersecurity to exploring the formation and goals of Reddit's S.P.A.C.E team (Security, Privacy, Automation, Compliance, and Engineering), this episode gets into the challenges and opportunities presented by the modern tech environment
Guest Socials: Fredrick Lee's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(04:42) A bit about Fredrick Lee
(07:42) How cloud changed cybersecurity?
(11:37) Threat Landscape in Software vs Hardware
(15:12) Threat Landscape in B2B vs B2C
(17:27) Navigating the First Steps as a New Company's CISO
(20:26) The role of compliance in Cybersecurity
(24:12) The role of privacy in Cybersecurity
(26:11) The role of AI in cybersecurity
(30:36) A bit about AI Cybersecurity Podcast
(31:09) What it means to be a CISO?
(34:34) Building CISO Roadmaps: Balancing Short-Term and Long-Term Goals
(36:49) Where to start with CISO Roadmap?
(39:02) What keeps Fredrick motivated about his CISO role?
(40:36) Whats next for current CISOs?
(42:50) The Fun Questions -
Why Email Breaches Still Happen?
Lets talk about the Evolution of Email Security. We have been speaking about Email Security for years but why has it not been solved? We spoke to Abhishek Agrawal, Co-founder of Material Security about the fact that despite of decades of advancements, email security remains a critical concern, with sophisticated attacks continually bypassing traditional controls. We explored the fascinating landscape of productivity suites like Microsoft 365 and Google Workspace, underscoring their importance beyond just communication tools. What are the critical aspects of threat management, posture management, and the necessity of a focused approach towards securing this often-overlooked segment of our digital infrastructure management.
Guest Socials: Abhishek's Linkedin Abhishek's Twitter
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions
(00:00) Introduction
(03:57) A bit about Abhishek
(04:49) What is a Productivity Suite?
(05:48) Why Email Security is still a focus in 2024?
(11:43) Where to start with Productivity Suite Security?
(15:03) The role of Cloud Native Tools in Productivity Suite Security
(19:38) Where can security leaders start with Productivity Suite Security
(24:39) Where can people learn more about Productivity Suite Security
(26:44) Fun Questions -
Essential Strategies to master Incident Response in Cloud
How do you build a Robust Detection Framework? Ashish spoke to Andrew Tabona, SVP of Cyber Threat Management and Incident Response at a Fortune 500 company about challenging the conventional wisdom of applying on-premise incident response plans to cloud environments. They speak about the critical metrics of mean time to detect, respond, and recover, and why mastering the fundamentals is key to effective cloud security.
The conversation also covers practical strategies for building a detection framework, the importance of a balanced approach to log ingestion, and the nuanced differences in incident response between cloud and traditional on-premise environments.
Guest Socials: Andrew Tabona
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(03:20) A bit about Andrew Tabona
(04:26) What is Threat Detection and Response?
(06:14) Why incident response is different in Cloud?
(09:18) Benefits of doing Incident Response in Cloud?
(10:29) Is CSPM your incident response tool?
(12:33) Where to start with Detection in Cloud?
(16:35) Getting buy in from other teams for threat detection
(20:15) Should you build or buy a cybersecurity solution?
(22:34) Responding to incidents in a Cloud Context
(26:01) Containing incidents in a Cloud Context
(28:34) What kind of access do IR teams need?
(30:36) Balancing the signal to noise ratio
(32:10) Where to start with Threat Detection and Response
(34:37) Challenges an organisation might face
(35:58) Threat Detection and Response in MultiCloud
(37:52) Showing ROI of Cybersecurity to the business
(38:57) Where to learn about IR and Threat Detection?
(41:09) Fun Section
(44:14) Where you can connect with Andrew
Customer Reviews
One of the best cloud podcasts
I really enjoy podcast. Trying to move from IT to cloud and finding lots of good information here. Another brilliant thing is you can attend live shows and ask questions to the guests, not every podcast does that. Love that it covers wide variety of topics and cloud platforms. Next step is discord community!!! Keep it going, you and your team helping a lot.
Breathe of fresh air
Love this podcast, so good to hear thoughts of experts and the techies
Fantastic podcast
Really informative, really well structured.
Varied range of topics and guests on interesting topic areas.
Well worth listening too