The podcast for Security Architecture
Hosted by Moshe Ferber and Ariel Munafo.
The world of software development has changed rapidly in the last years due to various factors – Cloud Computing, Digital Transformation, CI/CD & DevOps – they all changed the way we build new applications. Young startups today got access to enterprise-grade infrastructure enabling them to produce scalable, robust applications faster and cheaper. But as companies innovate faster, security challenges arise. The security community has not mastered yet the full art of developing software fast, at scale, and secure and variety of companies still struggle to found the right foundation for their security posture.
SilverLining podcast was created to help you do just that – find the right combination of people, processes, and technologies to build more secure and reliable services. We will focus on the latest development in infrastructure and software development and talk with people who mastered how to secure those. In each episode, we will host an expert for discussion on the security aspects of new technologies and provide insights, best practices, and knowledge in creating more secure software architecture.
SilverLining Episode 41: Securing ci/cd pipeline using policy as code
Guest: Eran Leib (vp product), Maor Goldberg (CEO)
Guest Title: Founders at Apolicy (a sysdig company)
Abstract: Infrastructure and policy as code is one of the hottest topics in security today. In this episode we spoke with Eran & Maor, founders at aPolicy (acquired by Sysdig shortly after the recording) , about cloud native security and how organizations should use automated policy templates for security CI/CD pipelines.
SilverLining Episode 40: Protecting SaaS services using automation & continuous monitoring
Guest: Adam Gavish
Guest Title: Co-Founder and CEO, DoControl.io
Topic: Protecting SaaS services using automation & continuous monitoring
Abstract: SaaS services are blooming and organizations are adopting more and more of them. In this episode, we hosted Adam Gavish, co-founder, and CEO at DoControl - an innovative startup that is reshaping the way we govern and monitor SaaS applications - about the business case of SaaS services, the market gaps, and how organizations should catalog, protect and monitor their SaaS portfolio.
SilverLining Episode 39: Securing API Services
Guest: Oz Avenstein
Guest Title: Founder & CEO @ Avensec - Cloud & Application Security
Topic: Securing API Services
The applicative infrastructure is becoming more and more complex due to different requirements, design patterns, and technologies. In many of these cases, one of those requirements is to connect other parties to systems, and in other cases, to connect systems to other parties. Nowadays, the most common connection method is to use Application Programming Interfaces (APIs). In this episode we spoke with Oz Avenstein, co-author of the CSA Security Guidelines for Providing and Consuming APIs about the guidelines creation process and how organizations should secure access to API resources.
SilverLining Episode 38: Cloud Native Security Foundations
Guest: Gadi Naor
Guest Title: VP Software Engineering, Cloud Security @ Rapid7
Topic: Cloud Native Security Foundations
Lately, The CNCF (Cloud Native Computing Foundation) released the cloud native security whitepaper: the first release of security guidelines for organizations who adopt cloud native approaches. In order to better understand the guidelines, we hosted Gadi Naor, VP Software Engineering, Cloud Security @ Rapid7, and co-author of the guidelines, for a conversation about what is cloud native security and why & how organizations should adopt this approach.
SilverLining Episode 37: Software Package Dependencies Attacks
Guest: Tzachi Zornstain
Guest Title: Co-Founder & CEO, Dustico
Topic: Software Package Dependencies Attacks
Supply chain and software dependencies attacks are becoming more popular, and organizations are having a hard time coping with those types of vectors. In this episode, we spoke with Tzach Zornstain, Co-Founder at Dustico, about the difference between malicious software and vulnerable software, and how organizations should use 3rd party software for the development of their own applications securely.
Episode 36: Wiz
Guest: Yinon Costica
Guest title: VP Product
Wiz is the new star in the cloud security market, founded by veterans with a proven record and raised over $100M in less than a year of operations. In this episode, we talked with Yinon Costica, Co-Founder and VP Product at Wiz, about cloud security challenges, how is Wiz different from others, and how are they going to disrupt the market.
תודה על פרקים מצויינים