No exceptions: How Amazon killed the password and unified security

In this episode, we sit down with Stephen Schmidt, SVP & Chief Security Officer at Amazon, to explore the engineering and leadership required to run a "no exceptions" identity program at a global scale. Most organizations suffer from the "fragmentation problem"—a mix of high-security cloud apps and vulnerable legacy systems. Stephen explains how Amazon unified its authentication standard to ensure that every internal account, from a fresh developer environment to a legacy application from 2003, meets the same rigorous bar. In our reporter chat, Greg talks with Derek Johnson on why your AI doctor does not have the same privacy protections as your real doctor. https://cyberscoop.com/radio/how-amazon-killed-the-password-and-unified-security/ Join Virtru on Feb 18th for the inaugural DCMMC at 1801 Pennsylvania Ave for a no-nonsense CMMC deep dive followed by a bourbon tasting—grab your spot here. - https://www.virtru.com/dcmmc-event Follow CyberScoop on Social Media • https://www.twitter.com/CyberScoopNews • https://www.linkedin.com/company/cyberscoop • https://www.facebook.com/cyberscoop/ • https://www.instagram.com/cyberscoopnews/ • https://www.tiktok.com/@cyberscoopnews • https://bsky.app/profile/cyberscoop.bsky.social About Safe Mode Every week we break down the most pressing issues in technology, provide you with the knowledge and tools to stay ahead of the latest threats and take you behind the scenes of the biggest stories in cyberspace. https://cyberscoop.com/show/safe-mode/

Det här avsnittet är hämtat från ett öppet RSS-flöde och publiceras inte av Podme. Det kan innehålla reklam.

Avsnitt(139)

Inside Operation Disruption Week: Taking Down Southeast Asia's Scam Machine

What does it actually take to dismantle an industrial-scale scam operation running bulletproof hosting, distributed ASNs, and crypto laundering across multiple countries? Mike Sweeney of Silent Push w...

25 Juni 35min

Zero days, zero order: The chaos reshaping vulnerability disclosure

The rules of responsible disclosure were written for a different era — one where humans found bugs, humans reported them, and 90 days felt like plenty of time to patch. That era is over. In this epis...

18 Juni 40min

Why the autonomous SOC Is the wrong goal

On this week's episode, we're joined by Mike Nichols, General Manager of Security at Elastic, fresh off the Gartner Security and Risk Summit in the D.C. area, where AI dominated every conversation on ...

11 Juni 33min

The last layer standing

What happens when an "assume breach" scenario turns into a total corporate wipeout? In this episode of Safe Mode, host Greg welcomes Brandon Willitts, Director of Cyber Resilience at Everpure, to pull...

4 Juni 35min

From Two Weeks to Three Days: The KEV Deadline Debate

Drawing on his experience from his time in government working directly on CISA’s Known Exploited Vulnerabilities (KEV) catalog, Todd Beardsley, VP of Security Research at runZero, explains what it act...

29 Maj 37min

Can specialized security survive Daybreak and Mythos?

In this episode, we sit down with Lior Div, CEO of 7AI, at a moment when the ground is shifting under the entire security industry. With AI lowering the barrier to entry for attackers, supply chain co...

21 Maj 38min

Why access brokers have stubbornly remained successful

Anna Pham of Huntress joins Safe Mode to discuss the current landscape of initial access brokers and how their tactics continue to support ransomware operations. She explains that attackers are still ...

14 Maj 31min

Can you prove which agent did what?

In this week's episode, Greg Otto talks with Howard Ting, CEO of Opal Security, about the growing security challenges created by AI agents inside the enterprise, especially around identity governance,...

7 Maj 28min