Using Data Perimeters in AWS To Scale Guardrails
Cloud Security Podcast6 Heinä 2023

Using Data Perimeters in AWS To Scale Guardrails

Cloud Security Podcast - AWS Network Security, IAM Security or even Organization security for what can happen in your AWS Environments can be achieved using Data perimeter. John Burgress (John - Linkedin⁠⁠⁠) from Stripe spoke about this topic at @fwdcloudsec and shared additional insights on the thinking he had when building data perimeters are guardrails. There were lot more gems dropped so def check out the episode.


Episode YouTube Video - https://youtu.be/Hs9ZEaVG7Ww


Host Twitter: Ashish Rajan (⁠⁠⁠⁠@hashishrajan⁠⁠⁠⁠)

Guest Socials: John Burgress (John - Linkedin)

Podcast Twitter - ⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠ ⁠⁠⁠⁠@CloudSecureNews⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠Cloud Security News ⁠⁠⁠⁠

- ⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠


Spotify TimeStamp for Interview Questions

A word from our sponsors - you can visit them on ⁠⁠⁠⁠snyk.io/csp⁠⁠⁠⁠

(00:00) Introduction

(03:13) A word from our sponsors

(03:38) A bit about John Burgess

(04:26) Data perimeter in the Cloud

(05:10) Defining data perimeter in AWS

(06:50) Where to start building AWS data perimeter

(08:21) The defense in depth approach 09:09 Approach to enable developers

(10:40) Starting point for building data perimeter

(11:41) Limitations with Data Perimeter

(13:06) Implementing data perimeter for segregation

(15:52) Working with Terraform Modules

(16:34) Goals behind data perimeter controls

(18:31) Proactive detection for third party

(20:00) Data perimeter for other CSPs

(20:42) Challenges in establishing data perimeter

(23:06) Dealing with multiple organisations

(23:35) Learn more about data perimeter

(24:06) The fun section


These are some of the resources John found helpful for data perimeter:

See you at the next episode!

Jaksot(344)

Why Email Breaches Still Happen?

Why Email Breaches Still Happen?

Lets talk about the Evolution of Email Security. We have been speaking about Email Security for years but why has it not been solved? We spoke to Abhishek Agrawal, Co-founder of Material Security abou...

5 Huhti 202430min

Essential Strategies to master Incident Response in Cloud

Essential Strategies to master Incident Response in Cloud

How do you build a Robust Detection Framework? Ashish spoke to Andrew Tabona, SVP of Cyber Threat Management and Incident Response at a Fortune 500 company about challenging the conventional wisdom of...

2 Huhti 202445min

From Code Suggestions to Security

From Code Suggestions to Security

What is GitHub Copilot? Its a AI-powered coding assistant that's redefining how developers write code. We spoke to Joseph Katsioloudes, a security specialist from the GitHub Security Lab. We spoke abo...

12 Maalis 202421min

Cloud Security Operations for Modern Threats

Cloud Security Operations for Modern Threats

How is your Cloud Incident Preparedness? Is your CSPM enough? Ashish spoke to Ariel Parnes, Co-Founder and COO at Mitiga about the concept of "Assume Breach" and its importance in developing a proacti...

8 Maalis 202435min

Understanding Threat Modeling in Cloud

Understanding Threat Modeling in Cloud

Do you need an essential guide for Threat Modeling your Cloud Environment, then this episode is definitely for you. Ashish sat down with Tyson Garrett from TrustOnCloud. We explore why and how organiz...

1 Maalis 202450min

Balancing Efficiency & Security: AI’s Transformation of Legal Data Analysis

Balancing Efficiency & Security: AI’s Transformation of Legal Data Analysis

What is the role of AI in Legal Research and Data Security? We spoke to Matt McKeever, CISO and Head of Cloud Engineering at LexisNexis, a company that uses GenAI and Custom LLM models to help its cus...

23 Helmi 202417min

Sidecar Container Vulnerability in Kubernetes explained

Sidecar Container Vulnerability in Kubernetes explained

Are you familiar with Sidecars in Kubernetes? We spoke to Magno Logan about the complex world of Kubernetes security and the silent but deadly vulnerabilities associated with sidecar containers. Magno...

16 Helmi 202415min

Role of application security posture management in cybersecurity

Role of application security posture management in cybersecurity

Navigating modern application security in a world of Cloud, DevSecOps and now AI is getting rather complex. We spoke to Idan Plotnik, who has 24 years of cybersecurity experience under his belt and is...

2 Helmi 202440min