Scale to Zero - No Security Questions Left Unanswered

Scale To Zero

We know security is challenging, but a timely understanding of security is far more challenging! Scale to Zero is built for all the security professionals for helping them to be more privacy and security-sensitive. With this show, we hope to address all the security-related issues that are challenging to understand and resolve without the help of experts. We believed that a community space like Scale to Zero would make things a little bit simpler for everyone after we discovered the discomfort of constantly switching back and forth.

  1. Jun 24

    Beyond the Tools: Bridging Product Security Gaps | ft. Neelu Tripathy | Senior Security Architect | Cloudanix | ScaleToZero Podcast

    In our latest episode of the ScaleToZero podcast, we sat down with Neelu, a Senior Cloud Security Architect, for an incredibly pragmatic look at the state of modern product security. We bypassed the standard compliance checklists to talk about what actually works when defending a cloud ecosystem. We also tracked the massive evolution of product security and got a glimpse into Neelu’s personal motivation for driving security-first mindsets across engineering environments. Whether you’re an enterprise architect or an engineer trying to ship secure software, this episode will help you recalibrate your security and development priorities. Available on YouTube: https://youtu.be/eSxoKxDWrII Here's what we discussed in our strategy session: 00:00 Introduction04:55 Non-Negotiable Security Controls for AI-powered Workplaces07:44 Product Security Gaps and How to Bridge Them12:50 Prioritising Security in SDLC17:15 Overcomplicating Security23:15 Use of AI for Product Security34:10 Why do tools fail to stop hacks, and what actually works?40:10 Calibrating Security and Product Development45:30 AI for Developing Security Practices54:22 Neelu's Motivation for Security55:22 Evolution of Product Security57:57 Learning Recommendations59:49 Summary #CloudSecurity #ProductSecurity #AppSec #SDLC #AISecurity #SecurityArchitecture #TechPodcast #CloudArchitect #DevSecOps #ScaleToZero

    Beyond the Tools: Bridging Product Security Gaps | ft. Neelu Tripathy | Senior Security Architect | Cloudanix | ScaleToZero Podcast
  2. Mar 11

    Product Security at Scale: Minimizing Friction & Defending AI Integrations | ft. Sana Talwar | Ep.106 | ScaleToZero Podcast

    In this episode of ScaleToZero Podcast, we sit down with a Product Security Engineer to discuss the delicate balance between robust security, user experience, and developer velocity. From identifying red flags in security reviews to using AI for point-in-time vulnerability assessments, we cover the tactical moves that early security teams need to make today. The landscape is shifting from "Security vs. Engineering" to "Security + Engineering." If you're an early security team looking to leverage AI to punch above your weight class, this episode is a must-listen. YouTube: https://youtu.be/wv_1NZkv9bs Cloudanix: https://www.cloudanix.com 00:00 Introduction 03:40 Developer-friendly Security in Practice 07:22 Minimizing Friction between Security and Engineering 09:15 Navigating the Trade-offs between Security and User Experience 11:32 Red Flags in Third-Party Security Reviews and Internal Security Reviews 19:00 Point-in-Time Vulnerability Assessments using AI 21:35 Managing Malicious Updates without Manual Reviews 24:55 Communicating Third-Party Security Risks to a Product Manager 28:50 Improving Product Security using AI for Early Security Teams 33:20 AI Performing Critical Security Job Functions 35:27 Patching AI Prompt Injection Attacks 41:05 AI Integration and Reshaping Security Landscape 46:04 Summary #ProductSecurity #DevSecOps #AppSec #Cybersecurity #AISecurity #ProductManagement #DeveloperVelocity #TechLeadership #ScaleToZero

    Product Security at Scale: Minimizing Friction & Defending AI Integrations | ft. Sana Talwar | Ep.106 | ScaleToZero Podcast
  3. Feb 25

    eBPF, MCP Servers, and the Kernel-Level Future of AI Security | ft. Ammar Ekbote | Ep. 105 | ScaleToZero Podcast

    In this episode, we sit down with a veteran Security and Cloud Infra Leader to deconstruct the architecture of modern workload monitoring and the emerging risks of AI-driven connectivity. We dive deep into eBPF—the technology providing "invisible" observability—and the security implications of MCP (Model Context Protocol) servers in the enterprise.Whether you're an infra lead or a security engineer, this episode provides the technical depth to help you stay ahead of the curve. Also available on YouTube: https://youtu.be/iCfEJlgXFBU00:00 Teaser and Introduction04:12 Architectural differences between Agentless and Agent-based scanning07:50 Losing security signals in case of Agentless scanning09:23 Challenges of Agent-based scanning10:45 Vendor checklist for production release11:45 Noisy neighbour challenge and customer application14:52 Securing large agent-based vendor machines16:40 Use of eBPF for invisible workload monitoring19:17 Securing the eBPF21:00 Does eBPF solve the stability and performance risks?23:25 Security risks when LLMs use MCP servers27:16 Detect and Avoid MCP in an organizational environment32:32 Why use eBPF for security MCP?35:10 Using eBPF to run local servers in a secure way37:00 Can eBPF secure data leaks to AI models?41:19 Justifying stakeholders for using kernel-level security43:25 Evangelizing a security-first mindset44:50 Starting point for developer-led security using eBPF46:30 Learning recommendations47:10 Summary#eBPF #CloudSecurity #AISecurity #MCPServer #DevSecOps #AgentlessScanning #CloudInfrastructure #InfoSec #CybersecurityPodcast #LLMSecurity #KernelSecurity

    eBPF, MCP Servers, and the Kernel-Level Future of AI Security | ft. Ammar Ekbote | Ep. 105 | ScaleToZero Podcast

About

We know security is challenging, but a timely understanding of security is far more challenging! Scale to Zero is built for all the security professionals for helping them to be more privacy and security-sensitive. With this show, we hope to address all the security-related issues that are challenging to understand and resolve without the help of experts. We believed that a community space like Scale to Zero would make things a little bit simpler for everyone after we discovered the discomfort of constantly switching back and forth.