35 episodes

The podcast for Security Architecture
Hosted by Moshe Ferber and Ariel Munafo.

The world of software development has changed rapidly in the last years due to various factors – Cloud Computing, Digital Transformation, CI/CD & DevOps – they all changed the way we build new applications. Young startups today got access to enterprise-grade infrastructure enabling them to produce scalable, robust applications faster and cheaper. But as companies innovate faster, security challenges arise. The security community has not mastered yet the full art of developing software fast, at scale, and secure and variety of companies still struggle to found the right foundation for their security posture.

SilverLining podcast was created to help you do just that – find the right combination of people, processes, and technologies to build more secure and reliable services. We will focus on the latest development in infrastructure and software development and talk with people who mastered how to secure those. In each episode, we will host an expert for discussion on the security aspects of new technologies and provide insights, best practices, and knowledge in creating more secure software architecture.

SilverLining I‪L‬ MarkeTech Group

    • Technology
    • 5.0 • 2 Ratings

The podcast for Security Architecture
Hosted by Moshe Ferber and Ariel Munafo.

The world of software development has changed rapidly in the last years due to various factors – Cloud Computing, Digital Transformation, CI/CD & DevOps – they all changed the way we build new applications. Young startups today got access to enterprise-grade infrastructure enabling them to produce scalable, robust applications faster and cheaper. But as companies innovate faster, security challenges arise. The security community has not mastered yet the full art of developing software fast, at scale, and secure and variety of companies still struggle to found the right foundation for their security posture.

SilverLining podcast was created to help you do just that – find the right combination of people, processes, and technologies to build more secure and reliable services. We will focus on the latest development in infrastructure and software development and talk with people who mastered how to secure those. In each episode, we will host an expert for discussion on the security aspects of new technologies and provide insights, best practices, and knowledge in creating more secure software architecture.

    Episode 35: Compliance Automation and Zero Trust Containers

    Episode 35: Compliance Automation and Zero Trust Containers

    Sponsored By:
     
    ‍‍
    Attendees
    Guest: Malgorzata (Gosia) SteinderGuest title: CTO of Hybrid Cloud Research. IBM researchTopic: Compliance automation and zero trust containers
     
    Abstract
    Continuous monitoring, containers, zero trust, confidential computing - those are all examples of technologies that will be the main focus in the upcoming years. In this episode, we hosted Malgorzata (Gosia) Steinder, CTO of Hybrid Cloud Research at IBM, who provided her vision on how all those technologies mentioned above, should be integrated into highly secure applications deployments.
     
    Links: 

    NIST OSCAL standard: https://pages.nist.gov/OSCAL/
    Automated compliance Open Source tool  by IBM  https://github.com/IBM/compliance-trestle
    Security monitoring open source tool by IBM:  https://www.ibm.com/blogs/research/2020/01/sysflow/
    workload identity: https://developer.ibm.com/solutions/security/articles/protecting-data-using-secret-management-trusted-service-identity/

     
     

    • 33 min
    Episode 34: PayPal cloud journey

    Episode 34: PayPal cloud journey

    Attendees
    Guest: Assaf Keren
    Guest Title: VP, Enterprise Cyber Security
    Company: PayPal
    Abstract
    PayPal is one of the most interesting organizations in the world in terms of security. The combination of online presence with the unique line of business is making PayPal one of the most secure hi-tech companies and one of the most innovative financial institutions. 
    In this episode, we hosted Assaf Keren, VP of enterprise cyber security, for a discussion about PayPal’s cloud journey from traditional on-premise to the multi-cloud / multi-locations giant they are now, and how COVID-19 is changing Paypal’s digital journey with their customers & employees.
     
     

    • 49 min
    Episode 33: Researching Cloud Vulnerabilities

    Episode 33: Researching Cloud Vulnerabilities

    Attendees
    Guest: Asaf Hecht 
    Guest Title: Security research team leader
    Company: CyberArk 
    Abstract
    With the growth of cloud services, more knowledge is gathered on vulnerabilities and misconfigurations in cloud infrastructure. A great deal of this knowledge is coming from cloud security researchers. In this episode, we host Asaf Hecht, Security research team leader At Cyberark, for a conversation about cloud security research and the vulnerabilities they disclose are various cloud vendors. 

    • 31 min
    Episode 32: Understanding Infrastructure as Code and How to Use it Effectively

    Episode 32: Understanding Infrastructure as Code and How to Use it Effectively

    Attendees
    Guest: Ohad Maislish 
    Guest Title: Co-Founder & CEO 
    Company: env0
    Abstract
    Infrastructure as code is one of the most interesting technologies in the market. It enables organizations to deploy heavy workloads within seconds and avoid risky configuration mistakes. In this episode, we talked with Ohad Maislish, Co-Founder and CEO at env0, about infrastructure as code technology, how and where it is being used, and how env0 helps organizations to better utilize this technology.
    Timing
    0:00 introducing our guest
    2:26 What is infrastructure as a code
    10:16 Examples for practical deployment of IaaC
    13:55 How IaaC is helping governance 
    19:20 IaaC behind the scenes
    25:18 IaaC in a multi-cloud environment
    28:40 Summary and last words

    • 31 min
    Episode 31: Understanding Cloud Native Security Basics

    Episode 31: Understanding Cloud Native Security Basics

    Attendees
    Guest: Benjy Portnoy
    Guest Title: Sr. Director, Solution Architects
    Company: Aqua Security
    Abstract
    A cloud-native security strategy entails protecting the infrastructure, build, and running workloads. In this episode, we spoke with Benjy Portnoy, Sr Director of Solution Architects at Aqua Security regarding cloud-native security fundamentals. We also delve into various attacks identified in the recently published Cloud Native Threat Report by Aqua's security research team, Nautilus.
    Timing
    0:00 introducing our guest
    2:50 what is cloud native security
    5:11 Sorting out between CWPP, CSPM & DevSecOps
    8:01 Protecting the build, the platform and workload
    10:30 Understanding what is CASB 
    12:45 diving into the kinsing attack
    29.11 Summary and last words

    • 32 min
    Episode 30:  The challenges of CISO in a security company

    Episode 30:  The challenges of CISO in a security company

    Attendees
    Guest: Eitan Satmary
    Guest Title: CISO 
    Company: Tufin
    Abstract
    Being a CISO is challenging, being a CISO at a security vendor is even more challenging. In this episode we host Eitan Satmary, CISO for Tufin, to talk about the good and bad of being a CISO in a cyber security vendor. We will talk about CISO's ability to influence innovation and product roadmap in the company and how the transition from on-prem offering to SaaS offering changed the company's security posture.
    Timing:
    0:00 introducing our guest
    4:20 CISO in a security company:  influence the innovation team
    10:30 the relationship between CISO and the sales department
    12:30 the company journey of adding cloud capabilities
    15:00 CISO’s first steps
    20:11 Risk management considerations for SaaS companies
    25:00  Summary and final thoughts

    • 29 min

Customer Reviews

5.0 out of 5
2 Ratings

2 Ratings

dvid namorsky ,

נהנה לשמוע

תודה על פרקים מצויינים

Top Podcasts In Technology

Listeners Also Subscribed To