How to detect software supply chain attacks with Honeytokens?
Cloud Security Podcast25 Elo 2023

How to detect software supply chain attacks with Honeytokens?

Can Honeytokens be used in your supply chain security? Turns out we can! We spoke to Mackenzie Jackson ( @advocatemack ) from @GitGuardian about the benefits of using Honeytokens, which organisations can benefit from them and whats involved in deploying them and next steps once they are triggered.


Episode YouTube:⁠⁠Video Link⁠⁠⁠⁠⁠


Host Twitter: Ashish Rajan (⁠⁠⁠⁠⁠⁠⁠⁠⁠@hashishrajan⁠⁠⁠⁠⁠⁠⁠⁠⁠)

Guest Socials: Mackenzie Jackson (⁠ @advocatemack ⁠)

Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠⁠⁠⁠⁠⁠


Spotify TimeStamp for Interview Question

(00:00) Introduction (02:01) A bit about Mackenzie Jackson (02:37) What are Honeytokens? (03:35) Traditional threat detection (05:29) Honeytoken in action (07:02) Deployments for Honeytokens (09:46) Role of Honeytoken in Supply Chain (11:02) Deploying and managing Honeytokens (13:12) Incident response with Honeytokens (15:01) What companies should use Honeytokens? (16:05) What if the key is deleted !


Resources:

You can find out more about Honeytokens & GitGuardian here!

See you at the next episode!

Jaksot(344)

A TECHNICAL WOMEN DELIVERING NON-TECHNICAL TRAINING IN CYBERSECURITY | HOW TO BUILD CYBERSECURITY TRAINING PROGRAM- Fareedah Shaheed, Online Safety and Security Strategist, Sekuva

A TECHNICAL WOMEN DELIVERING NON-TECHNICAL TRAINING IN CYBERSECURITY | HOW TO BUILD CYBERSECURITY TRAINING PROGRAM- Fareedah Shaheed, Online Safety and Security Strategist, Sekuva

In this episode, we sit with Fareedah Shaheed, Online Safety and Security Strategist @Sekuva. Fareedah & Ashish spoke about Importance of being technical for women in cybersecurity? Challenges of ...

29 Maalis 202031min

How HASHICORP works with 90 percent Staff works Remotely | Incident Response | AWS Cloud Native! - Will Bengtson

How HASHICORP works with 90 percent Staff works Remotely | Incident Response | AWS Cloud Native! - Will Bengtson

In this episode, we sit with Will Bengtson, Director for Threat Detection and Response, Hashicorp. Will & Ashish spoke about What is Cloud Native & Cloud Security? How do you start with Threat Dete...

22 Maalis 202057min

Multi Cloud Strategy | Multi Cloud Management for companies of all size - David Linthicum , Chief Cloud Strategy Officer for Delloite

Multi Cloud Strategy | Multi Cloud Management for companies of all size - David Linthicum , Chief Cloud Strategy Officer for Delloite

In this episode, we sit with David Linthicum, Chief Cloud Strategy Officer for Delloite. David & Ashish spoke about What is Cloud Security? How is security of data different/same in cloud from on-p...

15 Maalis 202044min

CCPA COMPLIANCE | CALIFORNIA CONSUMER PRIVACY ACT | DATA GOVERNANCE BEST PRACTICES - TAYLOR HERSOM, VCISO, AUSTIN,TEXAS

CCPA COMPLIANCE | CALIFORNIA CONSUMER PRIVACY ACT | DATA GOVERNANCE BEST PRACTICES - TAYLOR HERSOM, VCISO, AUSTIN,TEXAS

In this episode, we sit with Taylor Hersom, vCISO, Austin,Texas. Taylor & Ashish spoke about Data privacy and Cloud Security California Consumer Privacy Act and how it affects all organisations aro...

8 Maalis 202035min

Docker Security Best practice | Container Security 101 in AWS - Michael Hausenblas, Product Developer Advocate, AWS

Docker Security Best practice | Container Security 101 in AWS - Michael Hausenblas, Product Developer Advocate, AWS

Michael Hausenblas is a Product Developer Advocate, Amazon Web Services (AWS) Container Service team. Michael & Ashish spoke about Basics of Container Security Keeping Containers stateless vs buil...

1 Maalis 202042min

Threat Intelligence platform for cyber security in Azure | Incident Response in Azure - Ashwin Patil, Threat Intelligence Center, Microsoft

Threat Intelligence platform for cyber security in Azure | Incident Response in Azure - Ashwin Patil, Threat Intelligence Center, Microsoft

Ashwin Patel is a Senior Program Manager, Threat Intelligence Microsoft. Ashwin & Ashish in this episode spoke about Capital One Data breach and how Azure Sentinel could have helped Setting up Secu...

1 Maalis 202035min

MICROSOFT IGNITE 2020 SYDNEY | Getting started with securing Microsoft Azure Workload- David O'Brien, Microsoft MVP for Azure

MICROSOFT IGNITE 2020 SYDNEY | Getting started with securing Microsoft Azure Workload- David O'Brien, Microsoft MVP for Azure

David & Ashish spoke about What is Microsoft Ignite vs Microsoft Ignite Tour and why should cloud security people care about the event? Microsoft Ignite 2020 Sydney and Johannesburg What were th...

16 Helmi 202046min

Is public cloud secure? - Francesco Cipollone, Cloud Security Alliance

Is public cloud secure? - Francesco Cipollone, Cloud Security Alliance

In this episode we speak to Francesco Cipollone, Head of Cloud Security Alliance for UK Francesco and Ashish speak about is public cloud secure and if multi-cloud is a good thing, especially if you a...

9 Helmi 202034min