Using Data Perimeters in AWS To Scale Guardrails
Cloud Security Podcast6 Heinä 2023

Using Data Perimeters in AWS To Scale Guardrails

Cloud Security Podcast - AWS Network Security, IAM Security or even Organization security for what can happen in your AWS Environments can be achieved using Data perimeter. John Burgress (John - Linkedin⁠⁠⁠) from Stripe spoke about this topic at @fwdcloudsec and shared additional insights on the thinking he had when building data perimeters are guardrails. There were lot more gems dropped so def check out the episode.


Episode YouTube Video - https://youtu.be/Hs9ZEaVG7Ww


Host Twitter: Ashish Rajan (⁠⁠⁠⁠@hashishrajan⁠⁠⁠⁠)

Guest Socials: John Burgress (John - Linkedin)

Podcast Twitter - ⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠ ⁠⁠⁠⁠@CloudSecureNews⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠Cloud Security News ⁠⁠⁠⁠

- ⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠


Spotify TimeStamp for Interview Questions

A word from our sponsors - you can visit them on ⁠⁠⁠⁠snyk.io/csp⁠⁠⁠⁠

(00:00) Introduction

(03:13) A word from our sponsors

(03:38) A bit about John Burgess

(04:26) Data perimeter in the Cloud

(05:10) Defining data perimeter in AWS

(06:50) Where to start building AWS data perimeter

(08:21) The defense in depth approach 09:09 Approach to enable developers

(10:40) Starting point for building data perimeter

(11:41) Limitations with Data Perimeter

(13:06) Implementing data perimeter for segregation

(15:52) Working with Terraform Modules

(16:34) Goals behind data perimeter controls

(18:31) Proactive detection for third party

(20:00) Data perimeter for other CSPs

(20:42) Challenges in establishing data perimeter

(23:06) Dealing with multiple organisations

(23:35) Learn more about data perimeter

(24:06) The fun section


These are some of the resources John found helpful for data perimeter:

See you at the next episode!

Jaksot(344)

Google Cloud Security Pentesting Methodology

Google Cloud Security Pentesting Methodology

Penetration Test of a Web Application hosted on Google Cloud in 2023 is quite different to just a simple/traditional web app pentesting.Cloud Penetration testing is misunderstood to be just config rev...

24 Elo 202337min

Network Pentest 2.0 : The Cloud Pentest Revolution

Network Pentest 2.0 : The Cloud Pentest Revolution

Cloud Security Pentest is not just a Cloud configuration review ! Blackhat 2023 & Defcon 31 conversations included Cloud Security Podcast asking traditional and experienced pentesters about their opin...

22 Elo 202354min

Google Cloud Hacking Red Team Perspective!

Google Cloud Hacking Red Team Perspective!

Google cloud hacking or pentesting is very different to other popular cloud service providers like aws or azure. In this episode we had Shannon McHale (Mandiant now Google Cloud) to talk about how she...

2 Elo 202332min

Cloud Security in the BoardRoom - CISO Perspective with Phil Venables

Cloud Security in the BoardRoom - CISO Perspective with Phil Venables

CISOs in organizations that are going through digital transformation have a responsibility of educating the board on how Cloud Security is measured and improved on to manage the risk posture of the or...

30 Heinä 202340min

Google Cloud IAP - A Pentester Viewpoint

Google Cloud IAP - A Pentester Viewpoint

Google Cloud Security Assessment from a pentester's lens. Anjali from NotSoSecure will be sharing her research into Google Cloud IAP & finding ways to assess the use of Google Cloud IAP in your enviro...

26 Heinä 202333min

Doing Google Cloud Security RIGHT!

Doing Google Cloud Security RIGHT!

AWS Landing zones are well known but not as much in the Google Cloud space. In this episode we have Jimmy Barber shares how controls can be automated in GCP to create landing zone to manage security a...

25 Heinä 202334min

An AWS Centric View of Google Cloud Identity

An AWS Centric View of Google Cloud Identity

Cloud Security Podcast - Yes - AWS Cloud folks are starting to look after Google Cloud security now in a lot of organisations. Caleb Tennis from Sequoia Capital joins us to share his personal experien...

22 Heinä 202345min

So You WANT TO DO Google Cloud Threat Detection - Start here!

So You WANT TO DO Google Cloud Threat Detection - Start here!

Cloud Security Podcast - Cybersecurity Threat hunting explained for Google Cloud. Day Johnson is a threat detection engineer and in this episode of Cloud security for Google Cloud security we spoke ab...

10 Heinä 202339min