Using Data Perimeters in AWS To Scale Guardrails
Cloud Security Podcast6 Heinä 2023

Using Data Perimeters in AWS To Scale Guardrails

Cloud Security Podcast - AWS Network Security, IAM Security or even Organization security for what can happen in your AWS Environments can be achieved using Data perimeter. John Burgress (John - Linkedin⁠⁠⁠) from Stripe spoke about this topic at @fwdcloudsec and shared additional insights on the thinking he had when building data perimeters are guardrails. There were lot more gems dropped so def check out the episode.


Episode YouTube Video - https://youtu.be/Hs9ZEaVG7Ww


Host Twitter: Ashish Rajan (⁠⁠⁠⁠@hashishrajan⁠⁠⁠⁠)

Guest Socials: John Burgress (John - Linkedin)

Podcast Twitter - ⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠ ⁠⁠⁠⁠@CloudSecureNews⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠Cloud Security News ⁠⁠⁠⁠

- ⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠


Spotify TimeStamp for Interview Questions

A word from our sponsors - you can visit them on ⁠⁠⁠⁠snyk.io/csp⁠⁠⁠⁠

(00:00) Introduction

(03:13) A word from our sponsors

(03:38) A bit about John Burgess

(04:26) Data perimeter in the Cloud

(05:10) Defining data perimeter in AWS

(06:50) Where to start building AWS data perimeter

(08:21) The defense in depth approach 09:09 Approach to enable developers

(10:40) Starting point for building data perimeter

(11:41) Limitations with Data Perimeter

(13:06) Implementing data perimeter for segregation

(15:52) Working with Terraform Modules

(16:34) Goals behind data perimeter controls

(18:31) Proactive detection for third party

(20:00) Data perimeter for other CSPs

(20:42) Challenges in establishing data perimeter

(23:06) Dealing with multiple organisations

(23:35) Learn more about data perimeter

(24:06) The fun section


These are some of the resources John found helpful for data perimeter:

See you at the next episode!

Jaksot(344)

Building an Incident Response Team for High-Growth Companies

Building an Incident Response Team for High-Growth Companies

In this episode, we sit down with Santiago, a Senior Security Engineer at Canva, to talk about the complexities of building and managing an incident response team, especially in high-growth companies....

22 Elo 202427min

State of Cloud Security 2024 - Leadership Edition

State of Cloud Security 2024 - Leadership Edition

Leadership Insights on Cloud Security in 2024. Ashish sat down with return guest Srinath Kuruvadi, a seasoned cloud security leader with over two decades of experience in the field. Together, they exp...

6 Elo 202425min

Cloud Native Strategies from a FinTech CISO

Cloud Native Strategies from a FinTech CISO

What are you doing differently today that you're stopping tomorrow's legacy? In this episode Ashish spoke to Adrian Asher, CISO and Cloud Architect at Checkout.com, to explore the journey from monolit...

30 Heinä 202421min

Fixing Cloud Security with AWS Lambda

Fixing Cloud Security with AWS Lambda

How to secure AWS cloud using AWS Lambda? We spoke to Lily Chau from Roku at BSidesSF about her experience and innovative approach to tackling security issues in AWS environments. From deploying IAM r...

23 Heinä 202421min

What is confidential computing? Explained for 2024

What is confidential computing? Explained for 2024

How can you protect your data with Confidential Compute and Containers? Ashish spoke to Zvonko Kaiser, Principal Systems Software Engineer, Confidential Containers and Kubernetes at Nvidia about confi...

16 Heinä 202422min

The Evolution of Infrastructure as Code so far - 2024 Edition

The Evolution of Infrastructure as Code so far - 2024 Edition

How to implement infrastructure as code? Ashish spoke to Armon Dadgar. Co-Founder and CTO at HashiCorp at Hashidays London. Armon speaks about his journey from co-creating Terraform, the first open-so...

9 Heinä 202427min

What is AI-SPM?

What is AI-SPM?

What is the future of AI Security and Data Protection? At AWS re:Inforce in Philadelphia this year, Ashish spoke to Dan Benjamin, Head of Data, Identity and AI Security at Prisma Cloud about the new c...

4 Heinä 202423min

Creating Effective Sigma Rules with AI

Creating Effective Sigma Rules with AI

Can Threat Detection be enhanced with AI? Ashish sat down with Dave Johnson, Senior Threat Intelligence Advisor at Feedly, at BSides SF 2024, where Dave also presented a talk. Dave shares his journey ...

25 Kesä 202422min