Cloud Security Podcast by Google Anton Chuvakin
-
- Technology
Cloud Security Podcast by Google focuses on security in the cloud, delivering security from the cloud, and all things at the intersection of security and cloud. Of course, we will also cover what we are doing in Google Cloud to help keep our users' data safe and workloads secure.
We’re going to do our best to avoid security theater, and cut to the heart of real security questions and issues. Expect us to question threat models and ask if something is done for the data subject’s benefit or just for organizational benefit.
We hope you’ll join us if you’re interested in where technology overlaps with process and bumps up against organizational design. We’re hoping to attract listeners who are happy to hear conventional wisdom questioned, and who are curious about what lessons we can and can’t keep as the world moves from on-premises computing to cloud computing.
-
EP170 Redefining Security Operations: Practical Applications of GenAI in the SOC
Guest:
Payal Chakravarty, Director of Product Management, Google SecOps, Google Cloud
Topics:
What are the different use cases for GenAI in security operations and how can organizations prioritize them for maximum impact to their organization?
We’ve heard a lot of worries from people that GenAI will replace junior team members–how do you see GenAI enabling more people to be part of the security mission?
What are the challenges and risks associated with using GenAI in security operations?
We’ve been down the road of automation for SOCs before–UEBA and SOAR both claimed it–and AI looks a lot like those but with way more matrix math-what are we going to get right this time that we didn’t quite live up to last time(s) around?
Imagine a SOC or a D&R team of 2029. What AI-based magic is routine at this time? What new things are done by AI? What do humans do?
Resources:
Live video (LinkedIn, YouTube) [live audio is not great in these]
Practical use cases for AI in security operations, Cloud Next 2024 session by Payal
EP168 Beyond Regular LLMs: How SecLM Enhances Security and What Teams Can Do With It
EP169 Google Cloud Next 2024 Recap: Is Cloud an Island, So Much AI, Bots in SecOps
15 must-attend security sessions at Next '24
-
EP169 Google Cloud Next 2024 Recap: Is Cloud an Island, So Much AI, Bots in SecOps
Guests:
no guests (just us!)
Topics:
What are some of the fun security-related launches from Next 2024 (sorry for our brief “marketing hat” moment!)?
Any fun security vendors we spotted “in the clouds”?
OK, what are our favorite sessions? Our own, right? Anything else we had time to go to?
What are the new security ideas inspired by the event (you really want to listen to this part! Because “freatures”...)
Any tricky questions at the end? Resources:
Live video (LinkedIn, YouTube) [live audio is not great in these]
15 must-attend security sessions at Next '24
Cloud CISO Perspectives: 20 major security announcements from Next ‘24
EP137 Next 2023 Special: Conference Recap - AI, Cloud, Security, Magical Hallway Conversations (last year!)
EP136 Next 2023 Special: Building AI-powered Security Tools - How Do We Do It?
EP90 Next Special - Google Cybersecurity Action Team: One Year Later!
A cybersecurity expert's guide to securing AI products with Google SAIF Next 2024 session
How AI can transform your approach to security Next 2024 session -
EP168 Beyond Regular LLMs: How SecLM Enhances Security and What Teams Can Do With It
Guests:
Umesh Shankar, Distinguished Engineer, Chief Technologist for Google Cloud Security
Scott Coull, Head of Data Science Research, Google Cloud Security
Topics:
What does it mean to “teach AI security”? How did we make SecLM? And also: why did we make SecLM?
What can “security trained LLM” do better vs regular LLM?
Does making it better at security make it worse at other things that we care about?
What can a security team do with it today? What are the “starter use cases” for SecLM?
What has been the feedback so far in terms of impact - both from practitioners but also from team leaders? Are we seeing the limits of LLMs for our use cases? Is the “LLM is not magic” finally dawning?
Resources:
“How to tackle security tasks and workflows with generative AI” (Google Cloud Next 2024 session on SecLM)
EP136 Next 2023 Special: Building AI-powered Security Tools - How Do We Do It?
EP144 LLMs: A Double-Edged Sword for Cloud Security? Weighing the Benefits and Risks of Large Language Models
Supercharging security with generative AI
Secure, Empower, Advance: How AI Can Reverse the Defender’s Dilemma?
Considerations for Evaluating Large Language Models for Cybersecurity Tasks
Introducing Google’s Secure AI Framework
Deep Learning Security and Privacy Workshop
Security Architectures for Generative AI Systems
ACM Workshop on Artificial Intelligence and Security
Conference on Applied Machine Learning in Information Security
-
EP167 Stolen Cards and Fake Accounts: Defending Google Cloud Against Abuse
Speakers:
Maria Riaz, Cloud Counter-Abuse, Engineering Lead, Google Cloud
Topics:
What is “counter abuse”? Is this the same as security?
What does counter-abuse look like for GCP?
What are the popular abuse types we face?
Do people use stolen cards to get accounts to then violate the terms with?
How do we deal with this, generally?
Beyond core technical skills, what are some of the relevant competencies for working in this space that would appeal to a diverse set of audience?
You have worked in academia and industry. What similarities or differences have you observed?
Resources / reading:
Video
EP165 Your Cloud Is Not a Pet - Decoding 'Shifting Left' for Cloud Security
P161 Cloud Compliance: A Lawyer - Turned Technologist! - Perspective on Navigating the Cloud
“Art of War” by Sun Tzu
“Dare to Lead” by Brene Brown
"Multipliers" by Liz Wiseman -
EP166 Workload Identity, Zero Trust and SPIFFE (Also Turtles!)
Guests:
Evan Gilman, co-founder CEO of Spirl
Eli Nesterov, co-founder CTO of Spril
Topics:
Today we have IAM, zero trust and security made easy. With that intro, could you give us the 30 second version of what a workload identity is and why people need them?
What’s so spiffy about SPIFFE anyway?
What’s different between this and micro segmentation of your network–why is one better or worse?
You call your book “solving the bottom turtle” could you tell us what that means?
What are the challenges you’re seeing large organizations run into when adopting this approach at scale?
Of all the things a CISO could prioritize, why should this one get added to the list? What makes this, which is so core to our internal security model–ripe for the outside world?
How people do it now, what gets thrown away when you deploy SPIFFE? Are there alternative?
SPIFFE is interesting, yet can a startup really “solve for the bottom turtle”?
Resources:
SPIFFE and Spirl
“Solving the Bottom Turtle” book [PDF, free]
“Surely You're Joking, Mr. Feynman!” book [also, one of Anton’s faves for years!]
“Zero Trust Networks” book
Workload Identity Federation in GCP -
EP165 Your Cloud Is Not a Pet - Decoding 'Shifting Left' for Cloud Security
Guest:
Ahmad Robinson, Cloud Security Architect, Google Cloud
Topics:
You’ve done a BlackHat webinar where you discuss a Pets vs Cattle mentality when it comes to cloud operations. Can you explain this mentality and how it applies to security?
What in your past led you to these insights? Tell us more about your background and your journey to Google. How did that background contribute to your team?
One term that often comes up on the show and with our customers is 'shifting left.' Could you explain what 'shifting left' means in the context of cloud security? What’s hard about shift left, and where do orgs get stuck too far right?
A lot of “cloud people” talk about IaC and PaC but the terms and the concepts are occasionally confusing to those new to cloud. Can you briefly explain Policy as Code and its security implications? Does PaC help or hurt security?
Resources:
“No Pets Allowed - Mastering The Basics Of Cloud Infrastructure” webinar
EP33 Cloud Migrations: Security Perspectives from The Field
EP126 What is Policy as Code and How Can It Help You Secure Your Cloud Environment?
EP138 Terraform for Security Teams: How to Use IaC to Secure the Cloud