Build an Effective AWS Cloud Security Program in 2024
Cloud Security Podcast5 Tammi 2024

Build an Effective AWS Cloud Security Program in 2024

How can you build a robust cloud security program in AWS, particularly as a startup and small to medium-sized businesses navigating AWS in 2024? We spoke to Chris Farris, who is the event chair for fwd:cloudsec, a known cloud security expert and one of the first AWS Heroes for security.

Chris shared his insights on how to build a security strategy that is both practical and effective in today's dynamic cloud environment. From discussing the importance of AWS organizations and Identity Centre to breaking down the complexities of cloud security posture management. You will hear actionable advice and best practices.


Guest Socials: Chris's Linkedin ⁠(⁠⁠⁠@chrisfarris⁠)

Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp


Questions Asked:

(00:00) Introduction

(02:59) A bit about Chris Farris

(03:30) fwd:cloudsec Conference

(04:19) AWS Hero program for Cloud Security

(05:23) Building Effective Cloud Security Programs

(11:39) Top Recommendations for AWS Cloud Security

(13:34) What is AWS IAM Identity Center?

(18:02) How to Set Up AWS IAM Identity Center?

(20:13) Cloud Security in different industries

(29:31) The role of a Cloud Security Engineer

(34:30) Cloud Security Breaches

(38:02) Educational Resources in Cloud Security

(42:41) The Fun Section


Resources spoken about in this episode: fwd:cloudsec AWS IAM Identity Center Leveraging AWS SSO (aka Identity Center) with Google Workspaces breaches.cloud

Jaksot(345)

Creating Effective Sigma Rules with AI

Creating Effective Sigma Rules with AI

Can Threat Detection be enhanced with AI? Ashish sat down with Dave Johnson, Senior Threat Intelligence Advisor at Feedly, at BSides SF 2024, where Dave also presented a talk. Dave shares his journey ...

25 Kesä 202422min

What is the future of security operations with AI in 2024?

What is the future of security operations with AI in 2024?

How can AI impact Cloud Security Operations? Ashish sat down with Ely Kahn, VP of Cloud Security and AI at SentinelOne to talk about the evolving landscape of cloud security and the future of Security...

14 Kesä 202423min

Cloud Native Security Strategies for 2024

Cloud Native Security Strategies for 2024

Is having a CSPM enough for Cloud Security? At RSA Conference 2024, Ashish sat down with returning guest Jimmy Mesta, Co-Founder and CTO of RAD Security, to talk about the complexities of Kubernetes s...

31 Touko 202431min

Real-World Cloud Security Challenges and Solutions Explained for 2024

Real-World Cloud Security Challenges and Solutions Explained for 2024

What are the practical steps for orienting yourself in a new cloud environment? Ashish sat down with Rich Mogull and Chris Farris to explore the intricacies of effective cloud security strategies. Dra...

21 Touko 202459min

Why Least Privilege Matters in Cloud Security?

Why Least Privilege Matters in Cloud Security?

What's the best way to navigate least privilege complexities in a multi cloud environment? And how is the role of identity management evolving? We spoke to Jeff Moncrief from Sonrai Security on why id...

14 Touko 202426min

How is Kubernetes Network Security Evolving?

How is Kubernetes Network Security Evolving?

How is eBPF impacting Kubernetes Network Security? In this episode, recorded LIVE at Kubecon EU Paris 2024, Liz Rice, Chief Open Source Officer at Isovalent took us through the technical nuances of eB...

30 Huhti 202420min

The Future of Software Development with AI

The Future of Software Development with AI

How can we leverage AI for more secure and efficient code and how will it impact devsecops? Ashish spoke to Michael Hanley, CSO and SVP of Engineering at GitHub, about the transformative impact of Git...

23 Huhti 202438min

The role of Real Time Defense in Cloud Security

The role of Real Time Defense in Cloud Security

In this episode from KubeCon Paris 2024, we spoke to Loris Degioanni, Co-Founder and CTO of Sysdig about Open Source Project, Falco that celebrated its graduation this year at KubeconEU, Loris shared ...

16 Huhti 202421min