Using Data Perimeters in AWS To Scale Guardrails
Cloud Security Podcast6 Juli 2023

Using Data Perimeters in AWS To Scale Guardrails

Cloud Security Podcast - AWS Network Security, IAM Security or even Organization security for what can happen in your AWS Environments can be achieved using Data perimeter. John Burgress (John - Linkedin⁠⁠⁠) from Stripe spoke about this topic at @fwdcloudsec and shared additional insights on the thinking he had when building data perimeters are guardrails. There were lot more gems dropped so def check out the episode.


Episode YouTube Video - https://youtu.be/Hs9ZEaVG7Ww


Host Twitter: Ashish Rajan (⁠⁠⁠⁠@hashishrajan⁠⁠⁠⁠)

Guest Socials: John Burgress (John - Linkedin)

Podcast Twitter - ⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠ ⁠⁠⁠⁠@CloudSecureNews⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠Cloud Security News ⁠⁠⁠⁠

- ⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠


Spotify TimeStamp for Interview Questions

A word from our sponsors - you can visit them on ⁠⁠⁠⁠snyk.io/csp⁠⁠⁠⁠

(00:00) Introduction

(03:13) A word from our sponsors

(03:38) A bit about John Burgess

(04:26) Data perimeter in the Cloud

(05:10) Defining data perimeter in AWS

(06:50) Where to start building AWS data perimeter

(08:21) The defense in depth approach 09:09 Approach to enable developers

(10:40) Starting point for building data perimeter

(11:41) Limitations with Data Perimeter

(13:06) Implementing data perimeter for segregation

(15:52) Working with Terraform Modules

(16:34) Goals behind data perimeter controls

(18:31) Proactive detection for third party

(20:00) Data perimeter for other CSPs

(20:42) Challenges in establishing data perimeter

(23:06) Dealing with multiple organisations

(23:35) Learn more about data perimeter

(24:06) The fun section


These are some of the resources John found helpful for data perimeter:

See you at the next episode!

Avsnitt(346)

Ransomware attacks in AWS

Ransomware attacks in AWS

In this episode of the Virtual Coffee with Ashish edition, we spoke with Nandesh Guru (Nandesh's Linkedin) about ransomware and supply chain attack mechanisms in AWS and how the world of CSPM have evo...

6 Nov 202237min

How to become a Cloud Native Security Architect?

How to become a Cloud Native Security Architect?

In this episode of the Virtual Coffee with Ashish edition, we spoke with Christophe Parisel (Christophe's Linkedin) about what how to transition from being a technical architect on premise to a cloud ...

30 Okt 202250min

Compliance as Code in Kubernetes

Compliance as Code in Kubernetes

In this episode of the Virtual Coffee with Ashish edition, we spoke with Jim Bugwadia (Jim's Twitter) about policy management and compliance as code for Kubernetes and how you can use open source tool...

24 Okt 202246min

Software Signing for Kubernetes Supply Chain & Everybody Else

Software Signing for Kubernetes Supply Chain & Everybody Else

In this episode of the Virtual Coffee with Ashish edition, we spoke with Luke Hinds (Luke's Twitter) the open source Sigstore project and how it is helping with software signing and protecting the sof...

16 Okt 202250min

KUBERNETES BEST PRACTICES 2022

KUBERNETES BEST PRACTICES 2022

In this episode of the Virtual Coffee with Ashish edition, we spoke with Jimmy Mesta (Jimmy's Twitter) about OWASP Kubernetes Top 10 and best practices for securing Kubernetes Episode ShowNotes, Link...

10 Okt 202250min

Building Blocks of a Modern Cloud Security Program

Building Blocks of a Modern Cloud Security Program

Modern Cloud Security Programs hire for builders who can develop tools that help developers walk down a Paved road where security is not a blocker but at the same time prevents developers from making ...

29 Sep 202239min

THIS IS MY Cloud SECURITY ARCHITECTURE - Azure Security Best Practices - Part 2

THIS IS MY Cloud SECURITY ARCHITECTURE - Azure Security Best Practices - Part 2

Azure Cloud Security Architecture (Day 0) ,Custom Azure Role definitions, Azure Privilege Access Management etc can be complex to build. Continuing from part 1 In the part 2 of our This is My Cloud Se...

25 Sep 20221h 4min

SecDataOps Explained - Modern Security Stack

SecDataOps Explained - Modern Security Stack

Data Lakes as an asset to collect and build threat actors or hiring for Data Scientists/Analyst are not typical things in Cloud Security well unless the organisation is dealing with PetaBytes of data....

16 Sep 202247min

Populärt inom Teknik

uppgang-och-fall
market-makers
elbilsveckan
skogsforum-podcast
rss-elektrikerpodden
bilar-med-sladd
developers-mer-an-bara-kod
rss-uppgang-och-fall
rss-veckans-ai
rss-laddstationen-med-elbilen-i-sverige
rss-powerboat-sverige-podcast
rss-technokratin
bli-saker-podden
teknikveckan
hej-bruksbil
rss-fabriken-2
natets-morka-sida
gubbar-som-tjotar-om-bilar
har-vi-akt-till-mars-an
rss-snacka-om-ai