HOW TO BUILD A CLOUD SECURITY PROGRAM WITH CONTAINERS
Cloud Security Podcast5 Helmi 2023

HOW TO BUILD A CLOUD SECURITY PROGRAM WITH CONTAINERS

Cloud Security Podcast - This month we are talking about "Building on the AWS Cloud" and next up on this series, we spoke to Mrunal Shah (Mrunal's Linkedin), Head of Container Security at Warner Bros. Discovery. We talk about how to build a Container or K8s security program while best practices are maintained and team have the right capability and tools. 4 Cs - Cloud, Container & Cluster, Code can be foundational to this

Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv

Host Twitter: Ashish Rajan (@hashishrajan)

Guest Twitter: Mrunal Shah (Mrunal's Linkedin)

Podcast Twitter - @CloudSecPod @CloudSecureNews

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- Cloud Security News

- Cloud Security Academy

Spotify TimeStamp for Interview Questions

(00:00) Intro

(02:01) https://snyk.io/csp

(02:30) Mrunal's Professional Background

(03:04) Why containers are popular (technical reasons)

(04:05) Why containers are popular (leadership reasons)

(05:39) Challenges with running a Container Security Program (Leadership)

(06:34) Team skill challenge in a Container Security Program

(08:57) When to pick AWS ECS vs AWS EKS?

(10:53) ECS or EKS for building Banking Applications?

(13:12) Would Kubernetes/ Containers be preferred for security reasons?

(15:04) What would Amazon's responsibility be for security with ECS/EKS?

(16:13) What is bad about working with Containers in AWS?

(19:40) Is there a need for anti-virus in a container world?

(20:36) Balance of security when working with containers?

(22:08) Threat Detection and Prevention in a Container Security Program

(22:57) Using AWS Services for Threat Detection with Containers?

(25:14) Runtime Threat Discovery vs Agentless Threat Discovery for containers in Cloud?

(29:11) Prevention on the left vs Detection on the right of SDLC

(29:22) Cluster Misconfig vs Service Misconfigurations?

(30:19) Vulnerability Management vs Misconfiguration Management?

(31:50) Inspector in a Container Security Program?

(32:36) Detective in a Container Security Program?

(35:36) Can AWS Services help when Non-AWS services are in use?

See you at the next episode!

Jaksot(345)

BlackHat USA 2024 Highlights and Recap

BlackHat USA 2024 Highlights and Recap

What were the main themes at BlackHat USA 2024? With respect to Cloud Security, maybe with a sprinkle of AI Security. Our team was on the ground at BlackHat and DefCon32 this year, we heard many talks...

28 Elo 202439min

Building an Incident Response Team for High-Growth Companies

Building an Incident Response Team for High-Growth Companies

In this episode, we sit down with Santiago, a Senior Security Engineer at Canva, to talk about the complexities of building and managing an incident response team, especially in high-growth companies....

22 Elo 202427min

State of Cloud Security 2024 - Leadership Edition

State of Cloud Security 2024 - Leadership Edition

Leadership Insights on Cloud Security in 2024. Ashish sat down with return guest Srinath Kuruvadi, a seasoned cloud security leader with over two decades of experience in the field. Together, they exp...

6 Elo 202425min

Cloud Native Strategies from a FinTech CISO

Cloud Native Strategies from a FinTech CISO

What are you doing differently today that you're stopping tomorrow's legacy? In this episode Ashish spoke to Adrian Asher, CISO and Cloud Architect at Checkout.com, to explore the journey from monolit...

30 Heinä 202421min

Fixing Cloud Security with AWS Lambda

Fixing Cloud Security with AWS Lambda

How to secure AWS cloud using AWS Lambda? We spoke to Lily Chau from Roku at BSidesSF about her experience and innovative approach to tackling security issues in AWS environments. From deploying IAM r...

23 Heinä 202421min

What is confidential computing? Explained for 2024

What is confidential computing? Explained for 2024

How can you protect your data with Confidential Compute and Containers? Ashish spoke to Zvonko Kaiser, Principal Systems Software Engineer, Confidential Containers and Kubernetes at Nvidia about confi...

16 Heinä 202422min

The Evolution of Infrastructure as Code so far - 2024 Edition

The Evolution of Infrastructure as Code so far - 2024 Edition

How to implement infrastructure as code? Ashish spoke to Armon Dadgar. Co-Founder and CTO at HashiCorp at Hashidays London. Armon speaks about his journey from co-creating Terraform, the first open-so...

9 Heinä 202427min

What is AI-SPM?

What is AI-SPM?

What is the future of AI Security and Data Protection? At AWS re:Inforce in Philadelphia this year, Ashish spoke to Dan Benjamin, Head of Data, Identity and AI Security at Prisma Cloud about the new c...

4 Heinä 202423min