So You WANT TO DO Google Cloud Threat Detection - Start here!
Cloud Security Podcast10 Juli 2023

So You WANT TO DO Google Cloud Threat Detection - Start here!

Cloud Security Podcast - Cybersecurity Threat hunting explained for Google Cloud. Day Johnson is a threat detection engineer and in this episode of Cloud security for Google Cloud security we spoke about how to start doing threat detection in Google Cloud, the common threats and attack vectors in GCP


Episode YouTube Video - https://youtu.be/FCVG7-lFu0Q


Host Twitter: Ashish Rajan (⁠⁠⁠⁠@hashishrajan⁠⁠⁠⁠)

Guest Socials: Day Johnson's Linkedin (Day - Linkedin)

Podcast Twitter - ⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠ ⁠⁠⁠⁠@CloudSecureNews⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠Cloud Security Newsletter

- ⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠


Spotify TimeStamp for Interview Questions

A word from our sponsors - you can visit them on ⁠⁠⁠⁠snyk.io/csp⁠⁠⁠⁠

(00:00) Introduction

(02:37) A word from our sponsor snyk.io/csp

(03:11) A bit about Day Johnson

(04:12) Common Threats in GCP

(06:04) Starting Threat Detection in GCP

(07:57) Transitioning to GCP from AWS

(10:53) Threat modelling by Service

(14:27) Where to start with threat detection in GCP

(18:17) Common Threat Vectors in GCP

(21:53) Automatic Threat Detection

(23:13) Services to be mindful of

(26:10) Compute Image Creation

(28:07) Get started in Detection Engineering

(32:45) Helpful resources for Threat Detection

(36:00) The fun questions


These are some of the resources Day found helpful for threat detection in GCP along with some resources he mentioned + his talk

See you at the next episode!


Avsnitt(345)

Your SecOps Team Can't Save Your Cloud: A New Blueprint for Security.

Your SecOps Team Can't Save Your Cloud: A New Blueprint for Security.

The conversation around cloud security is maturing beyond simple threat detection. As the industry grapples with alert fatigue, we explore the necessary shift from a reactive to a proactive security p...

27 Aug 202547min

New Identity Blueprint for a Future with Cloud & AI

New Identity Blueprint for a Future with Cloud & AI

Identity is the root cause of over 70% of all security incidents, yet many organizations still rely on fundamentally flawed authentication methods. In this episode, Jasson Casey, CEO and co-founder of...

22 Aug 202549min

AI for SOC Automation: A Blueprint for the New world of Incident Response

AI for SOC Automation: A Blueprint for the New world of Incident Response

The nature of Security Operations is changing. As cloud environments grow in complexity and data volumes explode, traditional approaches to detection and response are proving insufficient. This episod...

8 Aug 202552min

The Truth About Agentic AI in the SOC: Reality vs. Hype

The Truth About Agentic AI in the SOC: Reality vs. Hype

What does the integration of AI into a Security Operations Center (SOC) practically look like? This episode explores the concept of the "Agentic SOC," moving beyond marketing terms to discuss its real...

7 Aug 202552min

Understanding a $10B Fraud Vector in Cloud-Native Workflows

Understanding a $10B Fraud Vector in Cloud-Native Workflows

A $10 billion fraud vector is currently exploiting a common feature in many cloud-native applications: the SMS verification flow. This isn't a traditional breach. Instead of stealing data, adversaries...

22 Juli 202544min

How BT Tackled 180 Years of Legacy to Build a Passwordless Future

How BT Tackled 180 Years of Legacy to Build a Passwordless Future

How do you modernize security in a 180-year-old company that operates critical national infrastructure? What does it look like when you discover tens or even hundreds of thousands of credentials hidde...

17 Juli 202519min

Why Security Can Be Stricter: A Zero Trust Approach to AppSec with AI

Why Security Can Be Stricter: A Zero Trust Approach to AppSec with AI

Is AI making application security easier or harder? We spoke to Amit Chita, Field CTO at Mend.io, the rise of AI agents in the Software Development Lifecycle (SDLC) presents a unique opportunity for s...

15 Juli 202545min

Guide to Hybrid Cloud & Bare Metal Secret Management

Guide to Hybrid Cloud & Bare Metal Secret Management

Is your organization struggling with secret management across bare metal, hybrid, and multi-cloud environments? Standard cloud-native tools often fall short when you need a single, standardized soluti...

9 Juli 202532min

Populärt inom Teknik

uppgang-och-fall
elbilsveckan
rss-elektrikerpodden
bilar-med-sladd
skogsforum-podcast
rss-uppgang-och-fall
rss-technokratin
market-makers
natets-morka-sida
rss-veckans-ai
rss-laddstationen-med-elbilen-i-sverige
bli-saker-podden
rss-powerboat-sverige-podcast
developers-mer-an-bara-kod
rss-en-ai-till-kaffet
har-vi-akt-till-mars-an
rss-fabriken-2
rss-snacka-om-ai
hej-bruksbil
effekten-digitalisering-kunskap