The Truth About CNAPP and Kubernetes Security
Cloud Security Podcast14 Tammi 2025

The Truth About CNAPP and Kubernetes Security

In this episode of the Cloud Security Podcast, host Ashish Rajan speaks to James Berthoty, founder of Latio.Tech and an engineer-driven analyst, for a discussion on cloud security tools. In this episode James breaks down CNAPP and what it really means for engineers, if kubernetes secuity is the new baseline for cloud security and runtime security vs vulnerability management.


Guest Socials: ⁠⁠⁠James's Linkedin

Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp

If you are interested in AI Cybersecurity, you can check out our sister podcast -⁠ AI Cybersecurity Podcast


Questions asked:

(00:00) Introduction

(02:26) A bit about James

(03:20) What in Cloud Security in 2025?

(04:51) What is CNAPP?

(07:01) Differentiating a vulnerability from misconfiguration

(11:51) Vulnerability Management in Cloud

(15:38) Is Kubernetes becoming the default?

(21:50) Is there a good way to do platformization?

(24:16) Should CNAPP include Kubernetes?

(28:07) What is AI Security in 2025?

(35:06) Tool Acronyms for 2025

(37:27) Fun Questions

Jaksot(345)

What is GOOD COMPANY CULTURE (WITH EXAMPLE ) during COVID19 with remote employees!

What is GOOD COMPANY CULTURE (WITH EXAMPLE ) during COVID19 with remote employees!

In this episode sponsored by Virtual Coffee with Ashish edition, we spoke with Graeme Cantu-Park, CISO of Matilion Host: Ashish Rajan - Twitter @hashishrajan Guest: Graeme Cantu-Park - Linkedin ...

31 Touko 202037min

What is a Connected Car | How to secure api in connected cars? - Virtual Coffee with Ashish - Alissa Knight

What is a Connected Car | How to secure api in connected cars? - Virtual Coffee with Ashish - Alissa Knight

In this episode of the Virtual Coffee with Ashish edition, we spoke with Alissa Knight, Car Hacker, Author, Cybersecurity Influencer and Entrepreneur Host: Ashish Rajan - Twitter @hashishrajan Gues...

24 Touko 20201h 3min

What is SRE? When should i have SRE? - Virtual Coffee with Ashish - Tim Heckman

What is SRE? When should i have SRE? - Virtual Coffee with Ashish - Tim Heckman

In this episode of the Virtual Coffee with Ashish edition, we spoke with Tim Heckman, Sr. SRE Netflix. Host: Ashish Rajan - Twitter @hashishrajan Guest: Tim Heckman What is SRE? Is it helpful t...

17 Touko 202040min

NIST CyberSecurity Metrics for the Board - Taylor Hersom

NIST CyberSecurity Metrics for the Board - Taylor Hersom

In this episode of the Virtual Coffee with Ashish edition, we spoke with @Taylor Hersom about Why do CyberSecurity Professionals need to think about talking Cyber Security to the board? What kind ...

10 Touko 202057min

Virtual Coffee with Ashish - Cloud Security Podcast & Hacker Valley Studio

Virtual Coffee with Ashish - Cloud Security Podcast & Hacker Valley Studio

In this episode, we sit with Chris Cochran & Ronald Eddings from Hacker Valley Studio. Chris Cochran & Ronald Eddings from Hacker Valley Studio & Ashish spoke about How did you get into CyberSecurit...

3 Touko 20201h

Scaling a DevSecOps model | SERVERLESS SECURITY BEST PRACTICES with Abhay Bhargav , CTO , we45

Scaling a DevSecOps model | SERVERLESS SECURITY BEST PRACTICES with Abhay Bhargav , CTO , we45

In this episode, we sit with Abhay Bhargav, CTO, we45. Abhay & Ashish spoke about What is Cloud Security? Is multi-cloud a thing? What is DevSecOps? What is a good maturity in the DevSecOps sp...

26 Huhti 202041min

CORONAVIRUS & CYBERSECURITY | ISOLATION LIFE

CORONAVIRUS & CYBERSECURITY | ISOLATION LIFE

In this episode, we are covering a trending topic CORONAVIRUS OR COVID19 and how it is affecting businesses around me and my friends & colleagues. I also talk about my personal challenge with starting...

19 Huhti 202010min

How to secure and improve cloud environment - Merritt Baer, Principal Security Architect, AWS

How to secure and improve cloud environment - Merritt Baer, Principal Security Architect, AWS

In this episode, we sit with Merritt Baer, Principal Security Architect, AWS. Merritt & Ashish spoke about What is Cloud Security? What does security look like in a mature organisation? How can...

11 Huhti 202052min