AZT: API Security with John Kindervag, Chase Cunningham, and Richard Bird
Adopting Zero Trust31 Elo 2023

AZT: API Security with John Kindervag, Chase Cunningham, and Richard Bird

Season two, episode 15: We talk ZT History and API security with the godfather of Zero Trust, Dr Zero Trust, and Richard Bird.

Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here.

In the past few years, supply chain attacks and their impacts have or will soon overtake that of the damage done by ransomware. It’s of no surprise then that APIs are a critical attack vector that threat actors like to exploit, yet many organizations do not have a good understanding of how many doors they have running into their data.

This week we chat with the godfather of Zero Trust, Dr. Zero Trust, and a chief security officer about the current state of API security maturity. Considering our guests, we, of course, also took the opportunity to chat a bit about Zero Trust's history.

This week we have three very special guests:

  • John Kindervag, the creator (godfather) of Zero Trust
  • Chase Cunningham, AKA Dr Zero Trust, and the now VP of Market Research for G2
  • Richard Bird, Traceable AI’s Chief Security Officer
Key Takeaways
  • Like any other cybersecurity concept, APIs must have an asset inventory
  • There is enough margin of error tied to the intended use of APIs that require continuous monitoring/verification
  • There is a current maturity gap associated with securing the use of APIs in the name of speed and innovation, and often there is not a well-established owner
Editors Note

We will be taking a publishing break for the month of September as my daughter has arrived, and I will need to catch up on all the sleep I can get. We should be back in October and run through until the holiday break before we wrap season two. I’m also working on a few experimental podcast series during my parental leave, so stay tuned. At least one in particular should be of interest to our audience here. Also, if you work for a cybersecurity org and are interested in launching a podcast, slide into my inbox if you need a hand.

Hosted on Acast. See acast.com/privacy for more information.

Jaksot(58)

Adopting Zero Trust: Philosophy of Prevention with iHeartMedia’s Janet Heins

Adopting Zero Trust: Philosophy of Prevention with iHeartMedia’s Janet Heins

Season two, episode 13: Cybersecurity prevention on a global scale with Janey Heins, Global CISO for iHeartMedia. At the heart of Zero Trust is the idea of prevention. If you don’t trust anything or a...

27 Heinä 202344min

Adopting Zero Trust: Continuous Trust

Adopting Zero Trust: Continuous Trust

Over the past two years, we’ve explored the ins and outs of Zero Trust, ranging from the concept as a strategy down to the more technical components, such as how it impacts the physical world as found...

13 Heinä 202329min

Adopting Zero Trust: Nonfederated Apps

Adopting Zero Trust: Nonfederated Apps

Last episode, we brought to you a wild story of a victim who was SIM-swapped four times, and this week we’re back to basics with some fresh research and a closer look at a critical piece of Zero Trust...

29 Kesä 202354min

Adopting Zero Trust: SIM Swapped

Adopting Zero Trust: SIM Swapped

Taking a break from our usual format, this week we chat with a victim-turned-CEO who was hit by SIM-swapping attacks. However, not all harsh starts have to end that way, and Haseeb Awan made the best ...

15 Kesä 202359min

Adopting Zero Trust with Bloomberg: Implemented

Adopting Zero Trust with Bloomberg: Implemented

Season two, episode nine: Featuring Bloomberg’s Head of Information Security Architecture and the Information Security Program, Phil Vachon. Catch this episode on YouTube, Apple, Spotify, Amazon, or G...

25 Touko 202351min

Adopting Zero Trust with Bitwarden: The Mighty Password

Adopting Zero Trust with Bitwarden: The Mighty Password

There’s no avoiding it, the headlines have not been kind to the ways we access systems today. Users are still using 1234, password, and even their dog's name. Not just using these weak passwords but a...

11 Touko 202354min

Adopting Zero Trust: Empathetic Leadership with Kyndryl’s Kris Lovejoy

Adopting Zero Trust: Empathetic Leadership with Kyndryl’s Kris Lovejoy

For many, cybersecurity is seen as a cost center that reduces risk to the business. This can be oversimplified to something akin to how HR reduces people-related risks but comes with layer on top of l...

27 Huhti 202357min

Adopting Zero Trust: Cybersecurity Innovation with Stanford Fellow AJ Grotto

Adopting Zero Trust: Cybersecurity Innovation with Stanford Fellow AJ Grotto

For more than a decade, Zero Trust as a concept has moved from a philosophy and now into a practical architecture and strategy that organizations can adopt. While Zero Trust encapsulates much of what ...

13 Huhti 202339min