How to detect software supply chain attacks with Honeytokens?
Cloud Security Podcast25 Elo 2023

How to detect software supply chain attacks with Honeytokens?

Can Honeytokens be used in your supply chain security? Turns out we can! We spoke to Mackenzie Jackson ( @advocatemack ) from @GitGuardian about the benefits of using Honeytokens, which organisations can benefit from them and whats involved in deploying them and next steps once they are triggered.


Episode YouTube:⁠⁠Video Link⁠⁠⁠⁠⁠


Host Twitter: Ashish Rajan (⁠⁠⁠⁠⁠⁠⁠⁠⁠@hashishrajan⁠⁠⁠⁠⁠⁠⁠⁠⁠)

Guest Socials: Mackenzie Jackson (⁠ @advocatemack ⁠)

Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠⁠⁠⁠⁠⁠


Spotify TimeStamp for Interview Question

(00:00) Introduction (02:01) A bit about Mackenzie Jackson (02:37) What are Honeytokens? (03:35) Traditional threat detection (05:29) Honeytoken in action (07:02) Deployments for Honeytokens (09:46) Role of Honeytoken in Supply Chain (11:02) Deploying and managing Honeytokens (13:12) Incident response with Honeytokens (15:01) What companies should use Honeytokens? (16:05) What if the key is deleted !


Resources:

You can find out more about Honeytokens & GitGuardian here!

See you at the next episode!

Jaksot(345)

How to become a Cloud Native Security Architect?

How to become a Cloud Native Security Architect?

In this episode of the Virtual Coffee with Ashish edition, we spoke with Christophe Parisel (Christophe's Linkedin) about what how to transition from being a technical architect on premise to a cloud ...

30 Loka 202250min

Compliance as Code in Kubernetes

Compliance as Code in Kubernetes

In this episode of the Virtual Coffee with Ashish edition, we spoke with Jim Bugwadia (Jim's Twitter) about policy management and compliance as code for Kubernetes and how you can use open source tool...

24 Loka 202246min

Software Signing for Kubernetes Supply Chain & Everybody Else

Software Signing for Kubernetes Supply Chain & Everybody Else

In this episode of the Virtual Coffee with Ashish edition, we spoke with Luke Hinds (Luke's Twitter) the open source Sigstore project and how it is helping with software signing and protecting the sof...

16 Loka 202250min

KUBERNETES BEST PRACTICES 2022

KUBERNETES BEST PRACTICES 2022

In this episode of the Virtual Coffee with Ashish edition, we spoke with Jimmy Mesta (Jimmy's Twitter) about OWASP Kubernetes Top 10 and best practices for securing Kubernetes Episode ShowNotes, Link...

10 Loka 202250min

Building Blocks of a Modern Cloud Security Program

Building Blocks of a Modern Cloud Security Program

Modern Cloud Security Programs hire for builders who can develop tools that help developers walk down a Paved road where security is not a blocker but at the same time prevents developers from making ...

29 Syys 202239min

THIS IS MY Cloud SECURITY ARCHITECTURE - Azure Security Best Practices - Part 2

THIS IS MY Cloud SECURITY ARCHITECTURE - Azure Security Best Practices - Part 2

Azure Cloud Security Architecture (Day 0) ,Custom Azure Role definitions, Azure Privilege Access Management etc can be complex to build. Continuing from part 1 In the part 2 of our This is My Cloud Se...

25 Syys 20221h 4min

SecDataOps Explained - Modern Security Stack

SecDataOps Explained - Modern Security Stack

Data Lakes as an asset to collect and build threat actors or hiring for Data Scientists/Analyst are not typical things in Cloud Security well unless the organisation is dealing with PetaBytes of data....

16 Syys 202247min

THIS IS MY Cloud SECURITY ARCHITECTURE - Azure Security Best Practices - Part 1

THIS IS MY Cloud SECURITY ARCHITECTURE - Azure Security Best Practices - Part 1

Azure Cloud Security Architecture, Azure Policies can be complex to build. In the part 1 of our This is My Cloud Security Architecture Series Episode we have Sai, a Cloud Security Architect walking us...

12 Syys 202255min