Secure your SaaS applications like this!
Cloud Security Podcast21 Marras 2023

Secure your SaaS applications like this!

SaaS Applications support large companies, small startups. We inevitably accumulate SAAS applications to manage our employees, payroll, communication with things like Workday, Slack, Salesforce and now even things like ChatGPT. But how do you find out what you have and if they are secure. We spoke about all things SSPM with Max Feldman who has done Product Security for years at companies like Slack, Salesforce and now AppOmni.


Thank you to our episode sponsor AppOmni

You can get a copy of their SaaS Security Posture Management Report 2023 here

Guest Socials: Max's Linkedin ⁠(@maxfeldman14)⁠

Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp


Questions asked:

(00:00) Introduction

(04:20) A bit about Max

(04:48) What is a SaaS application?

(05:45) What is SSPM?

(09:33) When to consider a SSPM?

(15:45) SaaS and the Cloud

(16:39) SaaS Attack Surface

(19:34) CASB vs SSPM

(24:00) Is ChatGPT a SaaS application?

(25:07) SSPM vs CSPM + CNAPP

(27:33) SSO and Onboarding

(29:21) Starting a SaaS Security Program

(36:48) Challenges with SaaS Security Program

(41:50) Where you can find Max!

Jaksot(345)

All the Security Updates - Google Cloud Next 21 - Cloud Security News

All the Security Updates - Google Cloud Next 21 - Cloud Security News

Cloud Security News this week 20 October 2021 Google Cloud is adding new features to their zero trust access solution, BeyondCorp Enterprise which will enable identity and context-aware access to no...

20 Loka 20215min

What is Cloud Native Application Protection Platform - CNAPP Explained!

What is Cloud Native Application Protection Platform - CNAPP Explained!

In this episode of the Virtual Coffee with Ashish edition, we spoke with Om Moolchandani (@omaitrika) is a CISO and CTO at Accurics (@AccuricsSec).. Episode ShowNotes, Links and Transcript on Cloud Se...

17 Loka 202148min

Google Cloud Next 21, Kubecon and VMworld - Cloud Security News

Google Cloud Next 21, Kubecon and VMworld - Cloud Security News

Cloud Security News this week 14 October 2021 It's an eventful month for all things cloud as Google Cloud Next 21 and Kubecon are happening this week. Ashish from Cloud Security Podcast was co-hosting...

13 Loka 20214min

Implementing Cloud Security Tools the Right way - Stay Alert Not Fatigue!

Implementing Cloud Security Tools the Right way - Stay Alert Not Fatigue!

In this episode of the Virtual Coffee with Ashish edition, we spoke with Gaurav Kumar (@gauravphoenix) is the Founder of Dassana (@DassanaSecurity). Episode ShowNotes, Links and Transcript on Cloud Se...

10 Loka 202135min

AWS Launches Cloud Control API - Cloud Security News

AWS Launches Cloud Control API - Cloud Security News

Cloud Security News this week 06 October 2021 AWS has announced the availability of AWS Cloud Control API - a set of common application programming interfaces (APIs) that are designed to make it eas...

6 Loka 20213min

Data Security in Cloud with David McCaw, Dasera

Data Security in Cloud with David McCaw, Dasera

In this episode of the Virtual Coffee with Ashish edition, we spoke with David McCaw (Linkedin - David McCaw) is a Co-Founder of Dasera (@DaseraInc). Episode ShowNotes, Links and Transcript on Cloud S...

3 Loka 202149min

Cloud Security ranks in 2021 OWASP Top 10 - Cloud Security News

Cloud Security ranks in 2021 OWASP Top 10 - Cloud Security News

Cloud Security News this week - 29 September 2021 Amazon Web Services, Google Cloud, IBM, and Microsoft have joined forces this week with the Enterprise Data Management (EDM) Council to publish a f...

29 Syys 20213min

Cloud Security Careers: Application Security Engineer Skills with Tanya Janca

Cloud Security Careers: Application Security Engineer Skills with Tanya Janca

In this episode of the Virtual Coffee with Ashish edition, we spoke with Tanya Janca (@shehackspurple) is an Author, Security Trainer and Founder of We Hack Purple (@WeHackPurple). Episode ShowNotes,...

26 Syys 202144min