Using Data Perimeters in AWS To Scale Guardrails
Cloud Security Podcast6 Jul 2023

Using Data Perimeters in AWS To Scale Guardrails

Cloud Security Podcast - AWS Network Security, IAM Security or even Organization security for what can happen in your AWS Environments can be achieved using Data perimeter. John Burgress (John - Linkedin⁠⁠⁠) from Stripe spoke about this topic at @fwdcloudsec and shared additional insights on the thinking he had when building data perimeters are guardrails. There were lot more gems dropped so def check out the episode.


Episode YouTube Video - https://youtu.be/Hs9ZEaVG7Ww


Host Twitter: Ashish Rajan (⁠⁠⁠⁠@hashishrajan⁠⁠⁠⁠)

Guest Socials: John Burgress (John - Linkedin)

Podcast Twitter - ⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠ ⁠⁠⁠⁠@CloudSecureNews⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠Cloud Security News ⁠⁠⁠⁠

- ⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠


Spotify TimeStamp for Interview Questions

A word from our sponsors - you can visit them on ⁠⁠⁠⁠snyk.io/csp⁠⁠⁠⁠

(00:00) Introduction

(03:13) A word from our sponsors

(03:38) A bit about John Burgess

(04:26) Data perimeter in the Cloud

(05:10) Defining data perimeter in AWS

(06:50) Where to start building AWS data perimeter

(08:21) The defense in depth approach 09:09 Approach to enable developers

(10:40) Starting point for building data perimeter

(11:41) Limitations with Data Perimeter

(13:06) Implementing data perimeter for segregation

(15:52) Working with Terraform Modules

(16:34) Goals behind data perimeter controls

(18:31) Proactive detection for third party

(20:00) Data perimeter for other CSPs

(20:42) Challenges in establishing data perimeter

(23:06) Dealing with multiple organisations

(23:35) Learn more about data perimeter

(24:06) The fun section


These are some of the resources John found helpful for data perimeter:

See you at the next episode!

Episoder(344)

Cybersecurity Isn’t Crowded: Security Engineering and the 5,000 Vendor Problem

Cybersecurity Isn’t Crowded: Security Engineering and the 5,000 Vendor Problem

In this episode our host Ashish Rajan sat down with Ross Haleliuk, author of Cybersecurity for Builders and creator of the Venture in Security blog, to explore the current state and future of the cybe...

10 Jan 20251h 10min

Centralized VPC Endpoints - Why It Works for AWS Networking

Centralized VPC Endpoints - Why It Works for AWS Networking

In this episode, Meg Ashby, a senior cloud security engineer shares how her team tackled AWS’s centralized VPC interface endpoints, a design often seen as an anti-pattern. She explains how they turned...

17 Des 202448min

What is CADR?

What is CADR?

In this episode, recorded at Kubecon NA in Salt Lake City, we spoke about about Kubernetes security with Shauli Rozen, co-founder and CEO of ARMO Security. From the challenges of runtime protection to...

5 Des 202429min

Building Platforms in Regulated Industries

Building Platforms in Regulated Industries

At HashiConf 2024 in Boston, our host Ashish Rajan had a great chat over some cannolis and a game of Jenga with AJ Oller, AVP of Engineering at The Hartford about how automation, mainframes, and compl...

21 Nov 202436min

Dynamic Permission Boundaries: A New Approach to Cloud Security

Dynamic Permission Boundaries: A New Approach to Cloud Security

In this episode, Ashish spoke with Kushagra Sharma, Staff Cloud Security Engineer, to delve into the complexities of managing Identity Access Management (IAM) at scale. Drawing on his experiences from...

12 Nov 202446min

Building a Resilient Cloud Security Program after Merger and Acquisition

Building a Resilient Cloud Security Program after Merger and Acquisition

In this episode, host Ashish Rajan sits down with Prahathess Rengasamy, a cloud security expert with extensive experience at companies like Credit Karma, Block, and Apple. Together, they explore the c...

9 Nov 202439min

Building Data Perimeter in Cloud in 2024

Building Data Perimeter in Cloud in 2024

In this episode, Ashish gets into the critical topic of data perimeters in AWS with our guest, Tyler Warren, a Lead Cloud Security Engineer at USAA. As cloud environments continue to evolve, the impor...

31 Okt 202456min

Navigating NIST CSF 2.0: Guide to Frameworks and Governance

Navigating NIST CSF 2.0: Guide to Frameworks and Governance

In this episode, we sat down with Lukasz Gogolkiewicz, an Australia-based Cybersecurity Leader and former pentester, to explore his journey from offensive security into cybersecurity leadership. Lukas...

22 Okt 202436min

Populært innen Teknologi

lydartikler-fra-aftenposten
romkapsel
teknisk-sett
tomprat-med-gunnar-tjomlid
rss-impressions-2
shifter
rss-ki-praten
fornybaren
rss-alt-vi-kan
rss-ai-forklart
smart-forklart
nasjonal-sikkerhetsmyndighet-nsm
elektropodden
pedagogisk-intelligens
energi-og-klima
hans-petter-og-co
rss-teknologioptimistene-energibransjens-it-podcast
rss-praktisk-proptech
rss-startup
rss-polypod