![](/assets/artwork/1x1-42817eea7ade52607a760cbee00d1495.gif)
65 episodes
![](/assets/artwork/1x1-42817eea7ade52607a760cbee00d1495.gif)
Scale to Zero - No Security Questions Left Unanswered Scale To Zero
-
- Technology
We know security is challenging, but a timely understanding of security is far more challenging! Scale to Zero is built for all the security professionals for helping them to be more privacy and security-sensitive. With this show, we hope to address all the security-related issues that are challenging to understand and resolve without the help of experts. We believed that a community space like Scale to Zero would make things a little bit simpler for everyone after we discovered the discomfort of constantly switching back and forth.
-
Network Segmentation | Inserting Security Appliance | AWS | Ft. Tom Adamski | Ep.36 S2 | Cloudanix
Network Security Fortress: Master Network Segmentation! This episode dives deep into network segmentation - your secret weapon for building a secure and scalable network. We'll discuss best practices, tackle implementation challenges, and explore how to integrate segmentation with Zero Trust. Learn how to segment for containers, cloud environments, and more! Tune in and fortify your network defenses!
00:00 Teaser + Introduction
08:00 What is Network Segmentation?
10:10 At what stage of company should I think about Network Segmentation?
11:30 Benefits of Network Segmentation?
17:00 Best practices for implementing Network Segmentation
19:10 Ensuring proper enforcement and zero misconfiguration
21:50 Key factors when designing a Network Segmentation strategy
26:30 Deciding segmentation methods based on a specific scenario
35:20 Network segmentation in case users are using ECS or Kubernetes containers
38:15 Integrating Network Segmentation principles with Zero Trust architectures
42:10 Examples of common security appliances came across45:30 Factors to decide between cloud-native or third-party security appliances
48:30 Types of remote access solutions used today
52:50 Summary
53:45 Rating Security Practices -
Understanding the role of logging and monitoring in detective controls | Ep.35 S2 | Cloudanix
Struggling to keep your cloud environment secure? This episode with Kailash Havildar dives deep into logging and monitoring, your secret weapons for prevention, detection, and remediation. We'll uncover best practices, tackle common challenges, and show you how organizations can leverage threat intelligence and user behavior to stay ahead of cyberattacks. Tune in and learn how to measure your security investments and ensure your cloud fortress is impenetrable!
00:00 Teaser and Introduction
08:30 Tools and tricks for prevention, detection, and remediation in cloud environments
14:30 Role of logging and monitoring while implementing detective controls
16:50 Types of data or events to prioritize while logging and monitoring for security purposes
19:00 Challenges faced while implementing logging and monitoring, and how to tackle them
25:05 Capabilities to look for in sim solutions while creating detecting or monitoring
28:50 Use of automation for better log analysis and incident response process
31:00 How can startups secure their logging and monitoring systems
33:35 Factors that startups should consider for log retention and securing the storage
36:05 Logging and monitoring standards that different industries can follow
39:30 Key metrics to showcase the importance of logging and monitoring for stakeholders
42:30 Summary
43:23 Rating Security Practices -
Building Security Teams | Importance of Continuous Learning | Mathew Marji | Ep.34 S2 | Cloudanix
Worried about cyberattacks but can't find the right security people?
This episode of ScaletoZero with Matthew Marji is your one-stop shop! Matthew has cracked the code on building a dream cybersecurity team, from must-have skills to attracting top talent. Startups, learn about prioritizing security programs for your first hire. We'll also reveal how to create a security-focused culture that engineers will love, avoid common integration pitfalls, and explore the soft skills that make a security pro truly shine. Don't let cyber threats hold you back - listen in and build your dream cybersecurity team today!
00:00 Teaser and Introduction
05:13 Key skills organizations should look for hiring security professionals
09:20 Strategies for attracting and retaining top security talents
12:50 Security programs startups should prioritize when hiring their first security leader
15:00 Skills, Experience, or Anything else? What should startups prioritize?
17:40 How to ensure security culture remains at the forefront?
21:40 Common pitfalls to avoid when integrating cybersecurity into broader business processes
24:40 Recommendations to foster security culture in organizations
28:30 Practical strategies to bring security awareness to your organization
34:20 Technical learning needs for security leaders when hiring
40:10 Summary
40:47 Rating Security Practices -
Understanding Threat Modeling and Secure by Design Concept with Adam Shostack | Ep.33 | ScaletoZero podcast | Cloudanix
Get ready for a paradigm shift in how you build software. In this episode of the Scale to Zero podcast with Adam Shostack, we crash-landed with a powerful concept called Secure by Design! It's not just a mantra for the Rebel Alliance, it's the key to building unbreachable software from the very first line of code.
00:00 Teaser and Introduction of guest
05:44 What is the Secure by Design concept? And why is it crucial?
09:30 Difference between Secure by Design and Secure by Default
12:50 Key steps to integrate Secure by Design principles in SDLCs
18:45 Area of focus for integrating threat modeling in SDLCs
21:18 Validating the threat modeling design
25:50 Thin line between Star Wars and Secure by Design concept
31:00 Examples from Star Wars that resonate Secure by Design concept
33:20 Role of communication and collaboration in the Secure by Design concept across various teams
36:40 How to raise awareness about the importance of Secure by Design within workplaces
40:00 Concept of Cyber Public Health and its connection to threat modeling
44:29 Summary
45: 20 Rating Security Practices section -
Conquering Enterprise Risk Management with Amit Subhanje | Ep. 32 | Cloudanix
Feeling overwhelmed by cyber risk? We've got you covered! In this episode of ScaletoZero, Our guest Amit Subhanje dives deep into everything risk management, from understanding its importance to conquering cybersecurity and cloud security challenges. Remember security awareness is the key, get ready to become a risk management master! Hit play and join now!
00:00 Teaser + Introduction
04:35 Day in Amit's life
06:20 What is risk management and it's importance?
08:22 Risk management and cybersecurity or cloud security
11:00 Challenges organizations face managing cyber risks
13:55 How to address cyber risk challenges?
16:30 Thin line between enterprise risk management and risk management
17:00 How can startups build comprehensive risk mitigation plan?
22:45 Building security awareness in an organization
29:20 How can teams lead and be accountable for security incidents?
33:10 Summary
34:10 Rating security practices -
Exploring the World of Incident Response and Detection with Pablo Vidal | Ep 31 | Cloudanix
Feeling lost in the world of Detection and Response (D&R)? In this episode of ScaletoZero, our guest Pablo Vidal equips you with everything you need, from core concepts and overcoming common challenges to leveraging automation and building a winning incident response process. We explore the future of D&R with Generative AI, offer valuable advice for aspiring security engineers, and provide organizations with strategies to hire top talent and identify red flags during recruitment. Join us and become a D&R master!
00:00 Teaser
01:00 Introduction and more
07:00 Concept of Detection and Response
08:21 Motivation to continue in detection and response
11:40 Challenges in implementing incident detection and response process
13:30 Typical incident response process
15:25 Using automation or orchestration tools for incident response
17:00 Keeping the right balance between SDLC and incident response
19:35 Generative AI and Incident Response Process
22:20 Will GenAi replace security engineers?
24:40 Advice to newbies in incident and response
26:40 Additional skills to have
28:00 Skills organizations should look for while hiring security engineering teams
31:30 Strategies for organizations to attract top talent
33:45 Common do's and don't of hiring security engineering team
35:25 Red flags in candidates during the hiring process
37:37 Summary
38:37 Rating Security Practices