Cloud Security Podcast2 Loka 2024

The Role of Cloud Security Research in 2024

Why does Cloud Security Research matter in 2024? At fwd:cloudsec EU in Brussels, we sat down with Scott Piper, a renowned cloud security researcher at Wiz, to discuss the growing importance of cloud security research and its real-world impact. Scott spoke to us about the critical differences between traditional security testing and cloud security research, explaining how his team investigates cloud providers to find out vulnerabilities, improve detection tools, and safeguard data.

Guest Socials:⁠ ⁠⁠⁠⁠⁠⁠Scott's Linkedin + Scott's Twitter

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp

Questions asked:

(00:00) Introduction

(02:07) A bit about Scott Piper

(02:48) What is a Cloud Security Research Team?

(04:30) Difference between traditional and Cloud Security Research

(07:21) Cloud Pentesting vs Cloud Security Research

(08:10) What is request collapsing?

(10:26) GitHub Actions and OIDC Research

(13:47) How has cloud security evolved?

(17:02) Tactical things for Cloud Security Program

(18:41) Impact of Kubernetes and AI on Cloud

(20:37) How to become a Cloud Security Researcher

(22:46) AWS Cloud Security Best Practices

(26:35) Trends in AWS Cloud Security Research

(28:11) Fun Questions

(30:22) A bit about fwd:cloudsec

Resources mentioned during the interview:

Wiz.io - Cloud Security Podcast listeners can also get a free cloud security health scan

PEACH framework

Wiz Research Blog

Avoiding security incidents due to request collapsing

A security community success story of mitigating a misconfiguration

Cloudmapper

flaws.cloud

fwd:cloudsec

CTFs

The Big IAM Challenge

Prompt Airlines , AI Security Challenge

Kubernetes LAN Party

Kokeile Premiumia

Nauti 14 päivää ilmaiseksi

Tilaa Premium

Jaksot(344)

A TECHNICAL WOMEN DELIVERING NON-TECHNICAL TRAINING IN CYBERSECURITY | HOW TO BUILD CYBERSECURITY TRAINING PROGRAM- Fareedah Shaheed, Online Safety and Security Strategist, Sekuva

In this episode, we sit with Fareedah Shaheed, Online Safety and Security Strategist @Sekuva. Fareedah & Ashish spoke about Importance of being technical for women in cybersecurity? Challenges of ...

29 Maalis 202031min

How HASHICORP works with 90 percent Staff works Remotely | Incident Response | AWS Cloud Native! - Will Bengtson

In this episode, we sit with Will Bengtson, Director for Threat Detection and Response, Hashicorp. Will & Ashish spoke about What is Cloud Native & Cloud Security? How do you start with Threat Dete...

22 Maalis 202057min

Multi Cloud Strategy | Multi Cloud Management for companies of all size - David Linthicum , Chief Cloud Strategy Officer for Delloite

In this episode, we sit with David Linthicum, Chief Cloud Strategy Officer for Delloite. David & Ashish spoke about What is Cloud Security? How is security of data different/same in cloud from on-p...

15 Maalis 202044min

CCPA COMPLIANCE | CALIFORNIA CONSUMER PRIVACY ACT | DATA GOVERNANCE BEST PRACTICES - TAYLOR HERSOM, VCISO, AUSTIN,TEXAS

In this episode, we sit with Taylor Hersom, vCISO, Austin,Texas. Taylor & Ashish spoke about Data privacy and Cloud Security California Consumer Privacy Act and how it affects all organisations aro...

8 Maalis 202035min

Docker Security Best practice | Container Security 101 in AWS - Michael Hausenblas, Product Developer Advocate, AWS

Michael Hausenblas is a Product Developer Advocate, Amazon Web Services (AWS) Container Service team. Michael & Ashish spoke about Basics of Container Security Keeping Containers stateless vs buil...

1 Maalis 202042min

Threat Intelligence platform for cyber security in Azure | Incident Response in Azure - Ashwin Patil, Threat Intelligence Center, Microsoft

Ashwin Patel is a Senior Program Manager, Threat Intelligence Microsoft. Ashwin & Ashish in this episode spoke about Capital One Data breach and how Azure Sentinel could have helped Setting up Secu...

1 Maalis 202035min

MICROSOFT IGNITE 2020 SYDNEY | Getting started with securing Microsoft Azure Workload- David O'Brien, Microsoft MVP for Azure

David & Ashish spoke about What is Microsoft Ignite vs Microsoft Ignite Tour and why should cloud security people care about the event? Microsoft Ignite 2020 Sydney and Johannesburg What were th...

16 Helmi 202046min

Is public cloud secure? - Francesco Cipollone, Cloud Security Alliance

In this episode we speak to Francesco Cipollone, Head of Cloud Security Alliance for UK Francesco and Ashish speak about is public cloud secure and if multi-cloud is a good thing, especially if you a...

9 Helmi 202034min

Kaikki yhdessä sovelluksessa

Kuuntele kaikki suosikkipodcastisi ja -äänikirjasi yhdessä paikassa.

Sinulle valikoitua sisältöä

Podme-sovelluksessa kokoat suosikkisi helposti omaan kirjastoosi. Saat meiltä myös kuuntelusuosituksia!

Jatka kuuntelua koska tahansa

Voit jatkaa siitä mihin jäit, myös offline-tilassa.

Premium

9,99 €/kk

Kaikki premium-podcastit
Ei mainoksia
Ei sitoutumista, peruuta koska tahansa

Aloita 14 päivän kokeilu

Premium

13,99 €/kk

Kaikki premium-podcastit
Ei mainoksia
Ei sitoutumista, peruuta koska tahansa
Yksi lisäkäyttäjä

Kokeile 14 päivää maksutta

Tarinat ja äänet, joita rakastat kuunnella

Kuuntele kaikki suosikkipodcastisi ja -äänikirjasi

Lue lisää