138 episodes

Learn Cloud Security in Public Cloud the unbiased way from CyberSecurity Experts solving challenges at Cloud Scale. We can be honest because we are not owned by Cloud Service Provider like AWS, Azure or Google Cloud.

We aim to make the community learn Cloud Security through community stories from small - Large organisations solving multi-cloud challenges to diving into specific topics of Cloud Security.

We LIVE STREAM interviews on Cloud Security Topics every weekend on Linkedin, YouTube, Facebook and Twitter with over 150 people watching and asking questions and interacting with the Guest.

Cloud Security Podcast Cloud Security Podcast Team

    • Technology
    • 5.0 • 32 Ratings

Learn Cloud Security in Public Cloud the unbiased way from CyberSecurity Experts solving challenges at Cloud Scale. We can be honest because we are not owned by Cloud Service Provider like AWS, Azure or Google Cloud.

We aim to make the community learn Cloud Security through community stories from small - Large organisations solving multi-cloud challenges to diving into specific topics of Cloud Security.

We LIVE STREAM interviews on Cloud Security Topics every weekend on Linkedin, YouTube, Facebook and Twitter with over 150 people watching and asking questions and interacting with the Guest.

    AWS IAM Getting Started

    AWS IAM Getting Started

    In this episode of the Virtual Coffee with Ashish edition, we spoke with Ian Mckay (@iann0036), a AWS Community Hero, AWS APN Ambassador who has a lot of popular open sources projects in the AWS security space.

    Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv
    Host Twitter: Ashish Rajan (@hashishrajan)

    Guest Twitter: Ian Mckay (@iann0036)

    Podcast Twitter - Cloud Security Podcast (@CloudSecPod)

    If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our YouTube Channel:

    - Cloud Security News 

    - Cloud Security Academy

    • 40 min
    Remote Access Trojans target Public Cloud Infrastructure

    Remote Access Trojans target Public Cloud Infrastructure

    Cloud Security News this week 19 Jan 2022


    Cisco Talos Researchers have shared in a blog last week that  a trio of remote access Trojans (RATs)—Nanocore, Netwire and AsyncRAT—are being spread in a campaign that taps public cloud infrastructure and is primarily aimed at victims in the U.S., Italy and Singapore. According to the blog “Threat actors are increasingly using cloud technologies to achieve their objectives without having to resort to hosting their own infrastructure,” and “cloud services like Azure and AWS allow attackers to set up their infrastructure and connect to the internet with minimal time or monetary commitments. It also makes it more difficult for defenders to track down the attackers’ operations.”  Read more about this here.
    Netskope also released a blog last week about Malwares. Interestingly their research which surveyed millions of users worldwide from January 1, 2020 to November 30, 2021 found that Cloud-delivered malware is now more prevalent than web-delivered malware, accounting for 66%, up from 46% last year. They also found that Google Drive is the top app for most malware downloads and Cloud-delivered malware via Microsoft Office nearly doubled from 2020 to 2021. Read the report here
    Vulnerability in AWS’s cloudformation service that was discovered and shared by Orca Security. Orca Security confirmed that  AWS completely mitigated within 6 days of their submission.If you want to know more about their discovery, you can read it here
    The US government is reportedly reviewing the cloud computing arm of Chinese ecommerce giant Alibaba to determine whether or not it poses a risk to national security.” As reported by Reuters, the Biden administration launched the probe to find out more about how Alibaba Cloud stores the data of US clients including personal information and intellectual property and to see if the Chinese government could gain access to it. You can read Reuters report here
    Sysdig’s platform who were recently valued at 2.5 Billion have expanded their cloud security offering to Azure Cloud aswell. . You can find out more about them here 

    Podcast Twitter - Cloud Security Podcast (@CloudSecPod)

    Instagram - Cloud Security News 

    If you want to watch videos of this LIVE STREAMED episode and past episodes, check out:

    - Cloud Security Podcast:

    - Cloud Security Academy:

    • 7 min
    Secret Management for Modern Apps Explained

    Secret Management for Modern Apps Explained

    In this episode of the Virtual Coffee with Ashish edition, we spoke with Dylan Ayrey (@insecurenature) is a Professional Hacker and Co-Founder of Truffle Security (@trufflesec)

    Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv
    Host Twitter: Ashish Rajan (@hashishrajan)

    Guest Twitter: Dylan Ayrey (@insecurenature)

    Podcast Twitter - Cloud Security Podcast (@CloudSecPod)

    If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our YouTube Channel:

    - Cloud Security News 

    - Cloud Security Academy

    • 48 min
    CISO in a Cloud World in 2022 - Stu Hirst

    CISO in a Cloud World in 2022 - Stu Hirst

    In this episode of the Virtual Coffee with Ashish edition, we spoke with Stu Hirst (Linkedin-Stu Hirst) is the Chief Information Security Officer (CISO) of Trustpilot (@Trustpilot).

    Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv
    Host Twitter: Ashish Rajan (@hashishrajan)

    Guest Twitter: Stu Hirst (Linkedin-Stu Hirst)

    Podcast Twitter - Cloud Security Podcast (@CloudSecPod)

    If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our YouTube Channel:

    - Cloud Security News 

    - Cloud Security Academy

    • 39 min
    UK Financial Regulators monitoring Cloud Providers Closely

    UK Financial Regulators monitoring Cloud Providers Closely

    Cloud Security News this week 12 Jan 2022


    UK’s financial regulators - The Prudential Regulation Authority is looking to increase it’s monitoring of Cloud providers like AWS, Azure and Google Cloud. According to Financial times, they are looking to gain more access to data from these cloud providers because the impact outages and cyberattacks have on British Banks. They are looking at implementing more robust outages and disaster recovery tests given the increasing reliance UK banks have on a handful of cloud providers. A lot of major British banks have partnerships with cloud providers “AWS has announced deals with Barclays and HSBC, while Lloyd Banking Group holds partnerships with Google Cloud and Microsoft Azure.”. There is an increasing concerns about the impacts on the banks should these cloud providers experience outages. You can view the financial times article here
    Speaking of regulators and how they are dealing with cloud providers, a few weeks ago in December Chinese regulators have “suspended an information-sharing partnership with Alibaba Cloud Computing” over concerns that it failed to promptly report and address a cybersecurity vulnerability. According to 21st Century Business Herald, citing a recent notice by the Ministry of Industry and Information Technology “Alibaba Cloud did not immediately report vulnerabilities in the popular, open-source logging framework Apache Log4j2 to China's telecommunications regulator”.This comes after, according to Reuters “The Chinese government has asked state-owned companies to migrate their data from private operators such as Alibaba and Tencent to a state-backed cloud system by next year.” From what we understand, there is no statement from Alibaba Cloud on this yet. You can read more about this here.
    Gartner's Report can be found here.
    Redhat's Report can be found here.

    Podcast Twitter - Cloud Security Podcast (@CloudSecPod)

    Instagram - Cloud Security News 

    If you want to watch videos of this LIVE STREAMED episode and past episodes, check out:

    - Cloud Security Podcast:

    - Cloud Security Academy:

    • 4 min
    Building Modern Identity (IAM) Roadmap for Cloud

    Building Modern Identity (IAM) Roadmap for Cloud

    In this episode of the Virtual Coffee with Ashish edition, we spoke with Fred Wilmot (@fewdisc) is an ex-Veteran and Chief Information Security Officer (CISO) of JumpCloud (@JumpCloud).

    Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv

    Host Twitter: Ashish Rajan (@hashishrajan)

    Guest Twitter: Fred Wilmot (@fewdisc)

    Podcast Twitter - Cloud Security Podcast (@CloudSecPod)

    If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our YouTube Channel:

    - Cloud Security News 

    - Cloud Security Academy

    • 48 min

Customer Reviews

5.0 out of 5
32 Ratings

32 Ratings

gblind8 ,

Insightful questions I’m curious to know the answer to

If you’re looking to hear from professionals in the field from a spectrum of experience, I would highly recommend this podcast. Some interview guests on other podcasts are difficult to relate to because they’re outliers. In this podcast, you’ll hear from guests that you can tangibly aspire to.

Kapil CSP ,

Best in class Cloud Security Updates

Over the last few years, podcasts have grown from a fringe media to one of the most popular ways to get news and information. For those in the know, or those who need to know, cloud security podcast hosted by Ashish is far best what I came across. Ashish is thought leader in cloud industry. With this in mind, he is one of best editor that have compiled a list of over hundreds of cloud security podcasts, To keep up with the latest news, trends, best practices, and to hear from the top minds in the industry, I highly recommend giving these a listen.

UsulMuadDib ,

Amazing weekly cloud security podcast!

When I started trying to get an understanding of “What is Cloud Security?”, “What do all these crazy acronyms mean?”, and “How do I keep up to date with one of the fastest changing landscapes?” I downloaded the “The Cloud Security Podcast” and I couldn’t stop listening. And even better than all the topical information is the cloud security community that engages listener and promotes community. -David Matousek

Top Podcasts In Technology

Lex Fridman
Jason Calacanis
Tristan Harris and Aza Raskin, The Center for Humane Technology
NPR
Jack Rhysider
Jason Calacanis

You Might Also Like

CyberWire, Inc.
CISO Series
ITWC
Johannes B. Ullrich
The Record Media