Network Pentest 2.0 : The Cloud Pentest Revolution
Cloud Security Podcast22 Aug 2023

Network Pentest 2.0 : The Cloud Pentest Revolution

Cloud Security Pentest is not just a Cloud configuration review ! Blackhat 2023 & Defcon 31 conversations included Cloud Security Podcast asking traditional and experienced pentesters about their opinion on cloud security pentesting and the divide was between it being a config review or a product pentest. For this episode we have Seth Art from Bishop Fox to clarify the myth.


Episode YouTube: ⁠ ⁠Video Link⁠⁠⁠⁠


Host Twitter: Ashish Rajan (⁠⁠⁠⁠⁠⁠⁠⁠@hashishrajan⁠⁠⁠⁠⁠⁠⁠⁠)

Guest Socials: Seth Art's Linkedin ⁠⁠⁠⁠⁠⁠(⁠⁠Seth Art Linkedin)

Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠⁠⁠⁠⁠


Spotify TimeStamp for Interview Question


(00:00) Introduction

(05:17) A bit about Seth Art

(06:44) Network vs Infrastructure Security Pentest

(08:00) Internal vs External Network Security Pentest

(10:26) Assumed vs Objective Based Pentest

(12:51) Is network pentest dead?

(14:04) How to approach network and cloud pentests?

(20:12) Cloud pentest is more than config review

(24:04) Examples of cloud pentest findings

(30:07) Scaling pentests in cloud

(32:25) Traditional skillsets to cloud pentest

(36:58) A bit about cloudfoxable

(39:31) Cloud pentest and Zero Trust

(40:54) Staying ahead of CSP releases

(44:31) Third party shared responsibility

(47:35) 1 fun question

(48:36) Boundary for cloud pentest

(52:21) Last 2 fun questions


These are some of the resources that Seth shared during the episode along with the tools he has created

See you at the next episode!

Episoder(345)

CISO's guide to embracing risk in business

CISO's guide to embracing risk in business

What is it like to build a successful business based on risk? In this episode Ashish spoke to Fredrick Lee, CISO at Reddit. FLee shared his deep insights into the essential role of risk in driving bus...

9 Apr 202448min

Why Email Breaches Still Happen?

Why Email Breaches Still Happen?

Lets talk about the Evolution of Email Security. We have been speaking about Email Security for years but why has it not been solved? We spoke to Abhishek Agrawal, Co-founder of Material Security abou...

5 Apr 202430min

Essential Strategies to master Incident Response in Cloud

Essential Strategies to master Incident Response in Cloud

How do you build a Robust Detection Framework? Ashish spoke to Andrew Tabona, SVP of Cyber Threat Management and Incident Response at a Fortune 500 company about challenging the conventional wisdom of...

2 Apr 202445min

From Code Suggestions to Security

From Code Suggestions to Security

What is GitHub Copilot? Its a AI-powered coding assistant that's redefining how developers write code. We spoke to Joseph Katsioloudes, a security specialist from the GitHub Security Lab. We spoke abo...

12 Mar 202421min

Cloud Security Operations for Modern Threats

Cloud Security Operations for Modern Threats

How is your Cloud Incident Preparedness? Is your CSPM enough? Ashish spoke to Ariel Parnes, Co-Founder and COO at Mitiga about the concept of "Assume Breach" and its importance in developing a proacti...

8 Mar 202435min

Understanding Threat Modeling in Cloud

Understanding Threat Modeling in Cloud

Do you need an essential guide for Threat Modeling your Cloud Environment, then this episode is definitely for you. Ashish sat down with Tyson Garrett from TrustOnCloud. We explore why and how organiz...

1 Mar 202450min

Balancing Efficiency & Security: AI’s Transformation of Legal Data Analysis

Balancing Efficiency & Security: AI’s Transformation of Legal Data Analysis

What is the role of AI in Legal Research and Data Security? We spoke to Matt McKeever, CISO and Head of Cloud Engineering at LexisNexis, a company that uses GenAI and Custom LLM models to help its cus...

23 Feb 202417min

Sidecar Container Vulnerability in Kubernetes explained

Sidecar Container Vulnerability in Kubernetes explained

Are you familiar with Sidecars in Kubernetes? We spoke to Magno Logan about the complex world of Kubernetes security and the silent but deadly vulnerabilities associated with sidecar containers. Magno...

16 Feb 202415min

Populært innen Teknologi

lydartikler-fra-aftenposten
romkapsel
energi-og-klima
teknisk-sett
tomprat-med-gunnar-tjomlid
elektropodden
nasjonal-sikkerhetsmyndighet-nsm
fornybaren
rss-impressions-2
shifter
teknologi-og-mennesker
rss-polypod
pedagogisk-intelligens
rss-ai-forklart
smart-forklart
rss-ki-praten
i-loopen
rss-digitaliseringspadden
rss-alt-vi-kan
rss-forenklingspodden