Scale to Zero - No Security Questions Left Unanswered

Scale To Zero
  • 5.0 (1)
  • TECHNOLOGY
  • UPDATED BIWEEKLY

We know security is challenging, but a timely understanding of security is far more challenging! Scale to Zero is built for all the security professionals for helping them to be more privacy and security-sensitive. With this show, we hope to address all the security-related issues that are challenging to understand and resolve without the help of experts. We believed that a community space like Scale to Zero would make things a little bit simpler for everyone after we discovered the discomfort of constantly switching back and forth.

  1. eBPF, MCP Servers, and the Kernel-Level Future of AI Security | ft. Ammar Ekbote | Ep. 105 | ScaleToZero Podcast

    2D AGO

    eBPF, MCP Servers, and the Kernel-Level Future of AI Security | ft. Ammar Ekbote | Ep. 105 | ScaleToZero Podcast

    In this episode, we sit down with a veteran Security and Cloud Infra Leader to deconstruct the architecture of modern workload monitoring and the emerging risks of AI-driven connectivity. We dive deep into eBPF—the technology providing "invisible" observability—and the security implications of MCP (Model Context Protocol) servers in the enterprise.Whether you're an infra lead or a security engineer, this episode provides the technical depth to help you stay ahead of the curve. Also available on YouTube: https://youtu.be/iCfEJlgXFBU00:00 Teaser and Introduction04:12 Architectural differences between Agentless and Agent-based scanning07:50 Losing security signals in case of Agentless scanning09:23 Challenges of Agent-based scanning10:45 Vendor checklist for production release11:45 Noisy neighbour challenge and customer application14:52 Securing large agent-based vendor machines16:40 Use of eBPF for invisible workload monitoring19:17 Securing the eBPF21:00 Does eBPF solve the stability and performance risks?23:25 Security risks when LLMs use MCP servers27:16 Detect and Avoid MCP in an organizational environment32:32 Why use eBPF for security MCP?35:10 Using eBPF to run local servers in a secure way37:00 Can eBPF secure data leaks to AI models?41:19 Justifying stakeholders for using kernel-level security43:25 Evangelizing a security-first mindset44:50 Starting point for developer-led security using eBPF46:30 Learning recommendations47:10 Summary#eBPF #CloudSecurity #AISecurity #MCPServer #DevSecOps #AgentlessScanning #CloudInfrastructure #InfoSec #CybersecurityPodcast #LLMSecurity #KernelSecurity

    49 min
  2. The Last9 Story: Scaling Engineering, GTM Strategy, and the Reality of "Overnight Success | Ep.104 | ScaleToZero Podcast | Ft. Nishant Modak | Cloudanix

    FEB 4

    The Last9 Story: Scaling Engineering, GTM Strategy, and the Reality of "Overnight Success | Ep.104 | ScaleToZero Podcast | Ft. Nishant Modak | Cloudanix

    What does it take to build a company that redefines how we look at engineering reliability? In this episode, we sit down with the Founder of Last9 to peel back the curtain on the journey from a single "Aha!" moment to a scaling enterprise.We move beyond the pitch deck to discuss the raw reality of building a startup, the mental models for engineering leadership, and what Vision 2026 looks like in the age of GenAI. Transcript: https://www.scaletozero.com/episodes/the-last9-story-scaling-engineering-gtm-strategy-and-the-reality-of-overnight-success/ Cloudanix: https://cloudanix.com/ YouTube: https://youtu.be/a955CYXLRdg00:00 Introduction of Nishant Modak03:00 Birth of Last906:40 The "Aha" moment13:00 How is Last9 different?19:10 Building blocks of Last924:20 The Moments of Overnight Success33:05 Go To Market Strategy41:40 Mental Model to Separate Administration and Engineering46:00 Engineering vs Selling49:40 Hard things of hard things, which gave results over time55:00 Vision 2026 with GenAI58:04 KPIs that helped in scaling01:01:25 Personal learnings and life#StartupStory #FounderJourney #EngineeringLeadership #Last9 #GTMStrategy #Entrepreneurship #SRE #Reliability #GenAI2026 #ScalingStartups #techpodcast

    1h 9m
  3. AWS vs. GCP IAM Architecture & The Future of Security in 2026 | ft. Senior Security Engineer (CISSP) - Sneha Malshetti

    JAN 14

    AWS vs. GCP IAM Architecture & The Future of Security in 2026 | ft. Senior Security Engineer (CISSP) - Sneha Malshetti

    This episode is a masterclass in modern cloud architecture and the fast-evolving world of AI security. In episode 103, we sat down with a Senior Security Engineer (CISSP) to break down the architectural nuances of AWS vs. GCP IAM and how security roles are evolving in 2026. From mastering cross-account access to defining data perimeters for AI training models, this episode is a deep dive into the technical and strategic layers of cloud-native security. YouTube: https://youtu.be/Y_OCpI8LJb4 Transcript: https://www.scaletozero.com/episodes/aws-vs-gcp-iam-architecture-the-future-of-security-in-2026-with-sneha-malshetti-cissp/ Sneha Malshetti: https://www.linkedin.com/in/sneha-malshetti/ Fearless Organization: https://www.amazon.in/Fearless-Organization-Psychological-Workplace-Innovation/dp/1119477247TLS Handshake Deep Dive and decryption with Wireshark: https://www.youtube.com/watch?v=25_ftpJ-2ME Cloudanix: https://cloudanix.com/ 00:00 Introduction 04:30 Architectural differences between AWS and GCP IAM 08:40 Best practices to approach IAM in AWS and GCP 11:00 Achieving centralized identity federation for a consistent user experience 13:45 Manage cross-account access securely in AWS vs GCP 14:40 Balancing RBAC for large organizations 18:00 Automation and Auditing recommendations for IAM 21:42 Managing access for large organizations 23:55 Monitoring Privileged Access 27:20 Balancing Security and Speed 30:19 Data Perimeter boundaries and their importance 34:20 How have security functions transformed in the AI world? 36:55 Will AI replace Humans? 38:15 Managing sensitive data used to train AI models 42:42 Security Trends in 2026 45:48 Summary 46:48 Learning Recommendation

    49 min
  4. Zero Trust AI & Human Risk | Senior Director of Security | Ft. James Cash | Ep. 102 | ScaleToZero Podcast | Cloudanix

    11/26/2025

    Zero Trust AI & Human Risk | Senior Director of Security | Ft. James Cash | Ep. 102 | ScaleToZero Podcast | Cloudanix

    What are the security weaknesses that everyone overlooks, and how is the rise of AI changing the risk calculus? We sat down with a Senior Director of Security and Compliance to discuss strategic defense, from securing human capital to implementing Zero Trust for AI systems.This episode is essential for CISOs, security leaders, and compliance officers navigating the volatile landscape of modern risk. How does AI work: https://blog.hubspot.com/marketing/how-does-ai-work YouTube: https://youtu.be/feudnGhDZ78 Transcript:https://www.scaletozero.com/episodes/zero-trust-ai-human-risk-a-guide-to-future-proofing-security-with-james-cash/ 00:00 Introduction 05:08 Significant security weaknesses often overlooked 10:25 AI SBOMs and Security 14:10 Biggest risks in security from AI systems 16:31 Ensuring AI systems are secure and responsible 20:55 Zero Trust AI Systems for Internal and Third-Party Teams 24:20 Evolution of Risks with Rise in AI 27:15 Evaluating between Traditional vs. AI SaaS provider 33:50 Keeping Stakeholders' interests in Security 39:21 Responding to Insider Threats 45:45 KPIs for Human Risk Management 49:41 Summary 50:51 Learning recommendations

    53 min
  5. Beyond Tech: Culture and Mindset of Security Engineering | Ft. Dakota Riley | Ep.101 | Cloudanix

    11/12/2025

    Beyond Tech: Culture and Mindset of Security Engineering | Ft. Dakota Riley | Ep.101 | Cloudanix

    In modern, fast-moving organizations, security is a shared responsibility, not a silo. We sat down with a Staff Security Engineer who operates at the intersection of development speed and security integrity to explore what truly defines a strong security program.This episode offers essential advice for leadership, engineers, and recruiters, covering everything from core culture to the risks of new AI models. Also available on YouTube: https://youtu.be/2ut2GQPWA4I00:00 Introduction05:41 CyberArk Acquisition07:40 Top 3 Elements of Building a Strong Security Culture10:50 Good Engineering is Security Engineering13:20 Why do organizations face challenges in achieving a security culture?16:54 Moving Fast - Startups vs. Large Enterprises19:08 Addressing challenges - Startups vs. Large Scale Companies23:00 KPIs to Show Security Progress26:16 Security Teams as Enablers32:57 Right Mindset for Security Engineering36:36 Hiring the Right Security Talent38:31 Addressing Non-Deterministic Nature of LLMs43:13 Trade-Offs of Implementing Bias in Alert Triaging Systems46:11 Training an Agent for Catching Malicious Attacks48:35 Summary49:35 Learning Recommendations

    52 min
  6. Kubernetes Security Mastery: Shifting Mindsets for Ephemeral Environments | Ep.100 | Ft. Dinis Cruz

    10/29/2025

    Kubernetes Security Mastery: Shifting Mindsets for Ephemeral Environments | Ep.100 | Ft. Dinis Cruz

    The shift from static data centers to dynamic Kubernetes workloads changes everything about security. In this essential episode, we sit down with an industry leader—an ex-vCISO, OWASP contributor, and founder of a new firm—to break down the new rules of cloud-native defense. If you are dealing with short workload lifecycles, balancing security with velocity, or figuring out the true impact of AI on your role, this is a must-watch. YouTube: https://youtu.be/J0asVeOCAggDinis Cruz: https://www.linkedin.com/in/diniscruz/ Host: https://www.linkedin.com/in/mpurusottamc/ Cloudanix: https://www.cloudanix.com/ 00:00 Introduction and Teaser03:00 Minset Shift - From Static Servers to Kubernetes Workloads06:05 Challenges of Shifting From Traditional Data Centers to Serverless08:35 Balancing Security and Other Business Priorities14:20 Varying Cloud Costs and Managing Security Compliance19:19 Logging and Monitoring - How to prioritize effectively?23:34 Identity and Access Management for Short Workload Lifecycles28:49 Leveraging Generative AI for better Security Engineering38:12 Anticipating Attacker Mindset and Defending Your Cloud Environments45:36 How will AI evolve security roles in general?52:17 Summary53:03 Learning Recommendations from the guest

    55 min
  7. A PSA's Journey - Bridge Between Business and Technology at AWS | Ft. Lalit Khatter | ScaleToZero Business

    10/15/2025

    A PSA's Journey - Bridge Between Business and Technology at AWS | Ft. Lalit Khatter | ScaleToZero Business

    Have you ever wondered what it takes to drive successful partnerships in the AWS ecosystem? In this episode, we sit down with Lalit Khatter, a Senior AWS Partner Solution Architect, who gives us a deep dive into his dynamic role and the strategies that help AWS Partners thrive. Lalit shares his journey from Software Engineer to PSA and reveals the essential traits of a successful AWS Partner. Whether you're an aspiring PSA, a business leader at an AWS Partner, or simply curious about the engine that drives cloud adoption, this podcast offers unparalleled insights! 00:00 Teaser and Introduction 03:57 Role of a Partner Solution Architect and their day-to-day 08:15 Why Partner Solution Architect as a job role? 19:52 Transition from software engineer to AWS PSA 23:22 How would a SI company work with Lalit for partnering with AWS? 31:04 Trait of a successful partner 38:40 AWS programs that help partners get visibility to prospective customers 41:58 Aha moment after getting started with the AWS partner environment 48:08 Scaling with AWS Marketplace 01:03:05 Amazon Pace and Ambassador Program: Hand-in-Hand 01:06:23 AWS Ambassador Program and how to invest in it 01:10:20 Business Outcome Accelerator (AWS BOX) 01:22:53 Weekends of Lalit Khatter 01:28:40 Next 5 years of AWS Partner programs 01:33:01 Stuff about Lalit

    1h 42m
  8. Integrating Security Into Your SDLC Process | Ft. Ashish Bhadouria | Ep. 98 | ScaleToZero Podcast

    10/01/2025

    Integrating Security Into Your SDLC Process | Ft. Ashish Bhadouria | Ep. 98 | ScaleToZero Podcast

    How do you keep pace with AI adoption without compromising your security standards? We sat down with a Security and Privacy Engineering Manager to tackle the toughest challenges facing modern DevSecOps teams and C-Suite leaders today.This episode is packed with practical strategies on integrating security early and effectively. We dive deep into:00:00 Teaser and Introduction05:35 The real Challenges of Integrating Security into SDLC08:35 Embedding Security Into Developer Workflows12:09 Balancing Security & Velocity: Advice for the C-Suite16:11 Aligned Autonomy: How Enterprises Balance Security & Freedom20:46 AI Adoption is Fast- Security is Playing Catch-Up24:46 The Biggest Misconception About AI Security27:26 Defense-in-Depth for Securing AI Workloads31:27 Evolving Defenses Against Sophisticated AI-Driven Attacks35:04 AI-Driven Transformation in Security Operations and Testing38:15 Human-in-the-Loop: Why SOC Analysts Remain Essential in the AI Era41:25 Summary42:20 Learning RecommendationImportant LinksAshish Bhadouria: https://www.linkedin.com/in/ashishbhadouria/ScaleToZero: https://scaletozero.com/Cloudanix: https://scaletozero.com/Purusottam: https://www.linkedin.com/in/mpurusottamc/Art of War: https://www.amazon.in/Art-War-Sun-Tzu/dp/8184950888TLDR Sec: https://tldrsec.com/Pragmatic Engineer Blog: https://blog.pragmaticengineer.com/

    46 min
See All (104)

About

We know security is challenging, but a timely understanding of security is far more challenging! Scale to Zero is built for all the security professionals for helping them to be more privacy and security-sensitive. With this show, we hope to address all the security-related issues that are challenging to understand and resolve without the help of experts. We believed that a community space like Scale to Zero would make things a little bit simpler for everyone after we discovered the discomfort of constantly switching back and forth.

Information