How to Build AWS Multi-Account Infrastructure with Security and Speed
Cloud Security Podcast21 Feb 2023

How to Build AWS Multi-Account Infrastructure with Security and Speed

Cloud Security Podcast - This month we are talking about "Building on the AWS Cloud" and next up on this series, we spoke to Patrick Sanders (Patrick's Linkedin) & Jospeh Kjar (Joseph's Linkedin), Snr Cloud Security Engineer at Netflix on what does it take to reimagine multi-account deployments gave them both security and speed.

Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv

Host Twitter: Ashish Rajan (@hashishrajan)

Guest Twitter: Patrick Sanders (Patrick's Linkedin) & Jospeh Kjar (Joseph's Linkedin)

Podcast Twitter - @CloudSecPod @CloudSecureNews

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- Cloud Security News

- Cloud Security BootCamp

Spotify TimeStamp for Interview Questions

(00:00) Introduction

(03:06) snyk.io/csp

(03:41) A bit about how Patrick and Joseph got into the Cloud Space

(06:00) Building blocks of scalable AWS infrastructure

(09:14) Should there be a seperate account for forensics

(12:44) Diff AWS Org for dev and prod?

(13:45) How to ensure dedicated IR account is secure?

(15:10) 1st step to building a new startup in AWS

(17:39) Should non prod and prod accounts be seperate?

(21:29) How do you ensure visibility into your AWS organisation?

(25:04) Integrate FIM into AWS

(26:29) Layers for a multi account strategy

(28:23) Challenges from going from one account to multi account

(34:03) Bringing identity to the application

(38:25) The importance of IMDS

(42:07) The security benefit of using IMDS

(45:34) Managed identity in AWS

(46:40) Why developer experience is important?

(49:49) What do cloud security engineers do ?

(53:05) Where you can find Joseph and Patrick?

See you at the next episode!

Episoder(346)

Ransomware attacks in AWS

Ransomware attacks in AWS

In this episode of the Virtual Coffee with Ashish edition, we spoke with Nandesh Guru (Nandesh's Linkedin) about ransomware and supply chain attack mechanisms in AWS and how the world of CSPM have evo...

6 Nov 202237min

How to become a Cloud Native Security Architect?

How to become a Cloud Native Security Architect?

In this episode of the Virtual Coffee with Ashish edition, we spoke with Christophe Parisel (Christophe's Linkedin) about what how to transition from being a technical architect on premise to a cloud ...

30 Okt 202250min

Compliance as Code in Kubernetes

Compliance as Code in Kubernetes

In this episode of the Virtual Coffee with Ashish edition, we spoke with Jim Bugwadia (Jim's Twitter) about policy management and compliance as code for Kubernetes and how you can use open source tool...

24 Okt 202246min

Software Signing for Kubernetes Supply Chain & Everybody Else

Software Signing for Kubernetes Supply Chain & Everybody Else

In this episode of the Virtual Coffee with Ashish edition, we spoke with Luke Hinds (Luke's Twitter) the open source Sigstore project and how it is helping with software signing and protecting the sof...

16 Okt 202250min

KUBERNETES BEST PRACTICES 2022

KUBERNETES BEST PRACTICES 2022

In this episode of the Virtual Coffee with Ashish edition, we spoke with Jimmy Mesta (Jimmy's Twitter) about OWASP Kubernetes Top 10 and best practices for securing Kubernetes Episode ShowNotes, Link...

10 Okt 202250min

Building Blocks of a Modern Cloud Security Program

Building Blocks of a Modern Cloud Security Program

Modern Cloud Security Programs hire for builders who can develop tools that help developers walk down a Paved road where security is not a blocker but at the same time prevents developers from making ...

29 Sep 202239min

THIS IS MY Cloud SECURITY ARCHITECTURE - Azure Security Best Practices - Part 2

THIS IS MY Cloud SECURITY ARCHITECTURE - Azure Security Best Practices - Part 2

Azure Cloud Security Architecture (Day 0) ,Custom Azure Role definitions, Azure Privilege Access Management etc can be complex to build. Continuing from part 1 In the part 2 of our This is My Cloud Se...

25 Sep 20221h 4min

SecDataOps Explained - Modern Security Stack

SecDataOps Explained - Modern Security Stack

Data Lakes as an asset to collect and build threat actors or hiring for Data Scientists/Analyst are not typical things in Cloud Security well unless the organisation is dealing with PetaBytes of data....

16 Sep 202247min

Populært innen Teknologi

lydartikler-fra-aftenposten
romkapsel
tomprat-med-gunnar-tjomlid
nasjonal-sikkerhetsmyndighet-nsm
teknisk-sett
energi-og-klima
teknologi-og-mennesker
shifter
smart-forklart
elektropodden
rss-impressions-2
fornybaren
rss-ai-forklart
pedagogisk-intelligens
rss-alt-vi-kan
rss-polypod
rss-snakk-om-sikkerhet
rss-ki-praten
rss-alt-som-gar-pa-strom
rss-heis