Les meilleurs podcasts Cloudsecurity (2024)

1
The role of data normalization in cloud security - Kabir Mathur, CEO at Leen 36:02

9d ago36:02

36:02

Lars and Kabir Mathur, CEO of Leen, discuss the concept of unified APIs for security data, emphasizing the need for normalization and integration of various security tools. Kabir explains how Leen differentiates itself by not only providing data connectors but also delivering data over an API, making it accessible for developers. They explore the c…

1
EP195 Containers vs. VMs: The Security Showdown! 41:16

5d ago41:16

41:16

Cross-over hosts: Kaslin Fields, co-host at Kubernetes Podcast Abdel Sghiouar, co-host at Kubernetes Podcast Guest: Michele Chubirka, Cloud Security Advocate, Google Cloud Topics: How would you approach answering the question ”what is more secure, container or a virtual machine (VM)?” Could you elaborate on the real-world implications of this for s…

1
EP194 Deep Dive into ADR - Application Detection and Response 30:55

13d ago30:55

30:55

Guest: Daniel Shechter, Co-Founder and CEO at Miggo Security Topics: Why do we need Application Detection and Response (ADR)? BTW, how do you define it? Isn’t ADR a subset of CDR (for cloud)? What is the key difference that sets ADR apart from traditional EDR and CDR tools? Why can’t I just send my application data - or eBPF traces - to my SIEM and…

1
AI Innovations for Work and Home 35:09

17d ago35:09

35:09

In this special episode of the Sync Up podcast, join Stephen Rice as he takes you behind the scenes of the OneDrive Fall Event "AI Innovations for Work and Home." Get exclusive insights from interviews with key speakers like Jason Moore, Arwa Tyebkhan and more as they reveal their favorite features, and share some of the exciting upcoming developme…

1
EP193 Inherited a Cloud? Now What? How Do I Secure It? 30:41

20d ago30:41

30:41

Guests: Taylor Lehmann, Director at Office of the CISO, Google Cloud Luis Urena, Cloud Security Architect, Google Cloud Topics There is a common scenario where security teams are brought in after a cloud environment is already established. From your experience, how does this late involvement typically impact the organization's security posture and …

1
EP192 Confidential + AI: Can AI Keep a Secret? 33:04

27d ago33:04

33:04

Guest: Nelly Porter, Director of PM, Cloud Security at Google Cloud Topics: Share your story and how you ended here doing confidential AI at Google? What problem does confidential compute + AI solve and for what clients? What are some specific real-world applications or use cases where you see the combination of AI and confidential computing making…

1
In Focus—Designing for Copilot 28:39

1M ago28:39

28:39

In this episode of the Sync Up Podcast, hosts Stephen Rice and Arvind Mishra dive into the design of Copilot in OneDrive with special guest Ben Truelove, a veteran designer at Microsoft. Ben shares insights from his 27-year journey at Microsoft, including how the team designed and iterated to deliver the best Copilot experience to our customers. Tu…

1
EP191 Why Aren't More Defenders Winning? Defender’s Advantage and How to Gain it! 23:36

1M ago23:36

23:36

Guest: Dan Nutting, Manager - Cyber Defense, Google Cloud Topics: What is the Defender’s Advantage and why did Mandiant decide to put this out there? This is the second edition. What is different about DA-II? Why do so few defenders actually realize their Defender’s Advantage? The book talks about the importance of being "intelligence-led" in cyber…

1
EP190 Unraveling the Security Data Fabric: Need, Benefits, and Futures 30:00

1M ago30:00

30:00

Guest: Josh Liburdi, Staff Security Engineer, Brex Topics: What is this “security data fabric”? Can you explain the technology? Is there a market for this? Is this same as security data pipelines? Why is this really needed? Won’t your SIEM vendor do it? Who should adopt it? Or, as Tim says, what gets better once you deploy it? Is reducing cost a bi…

1
Proactive cloud security - Rotem Levi, Cloud Security Architect 31:32

1M ago31:32

31:32

In this conversation, Rotem Levi, a Cloud Security Architect, discusses the importance of proactive cloud security. He emphasizes the need for a balance between cost optimization and security, as well as the significance of good security practices in reducing cloud spend. Rotem also highlights the importance of having order in infrastructure and th…

1
EP189 How Google Does Security Programs at Scale: CISO Insights 30:23

2M ago30:23

30:23

Guest: Royal Hansen, CISO, Alphabet Topics: What were you thinking before you took that “Google CISO” job? Google's infrastructure is vast and complex, yet also modern. How does this influence the design and implementation of your security programs compared to other organizations? Are there any specific challenges or advantages that arise from oper…

1
Building ElectricEye, an open-source CSPM tool - Jonathan Rau, VP / Distinguished Engineer at Query 52:48

2M ago52:48

52:48

In this episode, Lars Kamp interviews Jonathan Rau, a distinguished engineer at Query, about Electric Eye, an open-source CSPM (cloud security posture management) tool.Par Fix

1
EP188 Beyond the Buzzwords: Identity's True Role in Cloud and SaaS Security 29:28

2M ago29:28

29:28

Guest: Dor Fledel, Founder and CEO of Spera Security, now Sr Director of Product Management at Okta Topics: We say “identity is the new perimeter,” but I think there’s a lof of nuance to it. Why and how does it matter specifically in cloud and SaaS security? How do you do IAM right in the cloud? Help us with the acronym soup - ITDR, CIEM also ISPM …

1
EP187 Conquering SOC Challenges: Leadership, Burnout, and the SIEM Evolution 29:41

2M ago29:41

29:41

Guest: Nicole Beckwith, Sr. Security Engineering Manager, Threat Operations @ Kroger Topics: What are the most important qualities of a successful SOC leader today? What is your approach to building and maintaining a high-functioning SOC team? How do you approach burnout in a SOC team? What are some of the biggest challenges facing SOC teams today?…

1
EP186 Cloud Security Tools: Trust the Cloud Provider or Go Third-Party? An Epic Debate, Anton vs Tim 27:18

2M ago27:18

27:18

Guests: A debate between Tim and Anton, no guests Debate positions: You must buy the majority of cloud security tools from a cloud provider, here is why. You must buy the majority of cloud security tools from a 3rd party security vendor, here is why. Resources: EP74 Who Will Solve Cloud Security: A View from Google Investment Side EP22 Securing Mul…

1
EP185 SAIF-powered Collaboration to Secure AI: CoSAI and Why It Matters to You 24:27

3M ago24:27

24:27

Guest: David LaBianca, Senior Engineering Director, Google Topics: The universe of AI risks is broad and deep. We’ve made a lot of headway with our SAIF framework: can you give us a) a 90 second tour of SAIF and b) share how it’s gotten so much traction and c) talk about where we go next with it? The Coalition for Secure AI (CoSAI) is a collaborati…

1
EP184 One Week SIEM Migration: Fact or Fiction? 24:45

3M ago24:45

24:45

Guest: Manan Doshi, Senior Security Engineer @ Etsy Questions: In your experience, what are the biggest challenges organizations face when migrating to a new SIEM platform? How did you solve them? Many SIEM projects have problems, but a decent chunk of these problems are not about the tool being broken. How did you decide to migrate? When is it tim…

1
EP183 Cloud Security Journeys: Improve, Evolve, Transform with Cloud Customers 30:15

3M ago30:15

30:15

Guests: Jaffa Edwards, Senior Security Manager @ Google Cloud Lyka Segura, Cloud Security Engineer @ Google Cloud Topics: Security transformation is hard, do you have any secret tricks or methods that actually make it happen? Can you share a story about a time when you helped a customer transform their cloud security posture? Not just improve, but …

1
(Re) Searching for OneDrive 32:59

3M ago32:59

32:59

Curious about how user research shapes OneDrive? In this episode of Sync Up, Stephen Rice, Arvind Mishra, and Rachel Hungerford dive into the world of UX research! Discover how the team gathers insights to improve your OneDrive experience, from Home to Sharing to much more! Research is key to how we learn and evolve the product to meet our users' n…

1
EP182 ITDR: The Missing Piece in Your Security Puzzle or Yet Another Tool to Buy? 28:20

3M ago28:20

28:20

Guest: Adam Bateman, Co-founder and CEO, Push Security Topics: What is Identity Threat Detection and Response (ITDR)? How do you define it? What gets better at a client organization once ITDR is deployed? Do we also need “ISPM” (parallel to CDR/CSPM), and what about CIEM? Workload identity ITDR vs human identity ITDR? Do we need both? Are these the…

1
EP181 Detection Engineering Deep Dive: From Career Paths to Scaling SOC Teams 30:32

3M ago30:32

30:32

Guest: Zack Allen, Senior Director of Detection & Research @ Datadog, creator of Detection Engineering Weekly Topics: What are the biggest challenges facing detection engineers today? What do you tell people who want to consume detections and not engineer them? What advice would you give to someone who is interested in becoming a detection engineer…

1
EP180 SOC Crossroads: Optimization vs Transformation - Two Paths for Security Operations Center 28:09

4M ago28:09

28:09

Guests: Mitchell Rudoll, Specialist Master, Deloitte Alex Glowacki, Senior Consultant, Deloitte Topics: The paper outlines two paths for SOCs: optimization or transformation. Can you elaborate on the key differences between these two approaches and the factors that should influence an organization's decision on which path to pursue? The paper also …

1
EP179 Teamwork Under Stress: Expedition Behavior in Cybersecurity Incident Response 23:28

4M ago23:28

23:28

Guests: Robin Shostack, Security Program Manager, Google Jibran Ilyas, Managing Director Incident Response, Mandiant, Google Cloud Topics: You talk about “teamwork under adverse conditions” to describe expedition behavior (EB). Could you tell us what it means? You have been involved in response to many high profile incidents, one of the ones we can…

1
EP178 Meet Brandon Wood: The Human Side of Threat Intelligence: From Bad IP to Trafficking Busts 32:09

4M ago32:09

32:09

Guest: Brandon Wood, Product Manager for Google Threat Intelligence Topics: Threat intelligence is one of those terms that means different things to everyone–can you tell us what this term has meant in the different contexts of your career? What do you tell people who assume that “TI = lists of bad IPs”? We heard while prepping for this show that y…

1
Live from M365 Conference! 1:06:01

4M ago1:06:01

1:06:01

We're back! Stephen was on the ground at the Microsoft 365 Community Conference in Orlando, and this week he's catching Arvind up on all the amazing announcements from the conference! From Copilot to Colored Folders to Sync Health Report Exports, the conference was overfull with great features that will help you get the most out of OneDrive! Stephe…

1
EP177 Cloud Incident Confessions: Top 5 Mistakes Leading to Breaches from Mandiant 30:07

4M ago30:07

30:07

Guests: Omar ElAhdan, Principal Consultant, Mandiant, Google Cloud Will Silverstone, Senior Consultant, Mandiant, Google Cloud Topics: Most organizations you see use both cloud and on-premise environments. What are the most common challenges organizations face in securing their hybrid cloud environments? You do IR so in your experience, what are to…

1
EP176 Google on Google Cloud: How Google Secures Its Own Cloud Use 27:00

5M ago27:00

27:00

Guest: Seth Vargo, Principal Software Engineer responsible for Google's use of the public cloud, Google Topics: Google uses the public cloud, no way, right? Which one? Oh, yeah, I guess this is obvious: GCP, right? Where are we like other clients of GCP? Where are we not like other cloud users? Do we have any unique cloud security technology that w…

1
EP175 Meet Crystal Lister: From Public Sector to Google Cloud Security and Threat Horizons 26:43

5M ago26:43

26:43

Guest: Crystal Lister, Technical Program Manager, Google Cloud Security Topics: Your background can be sheepishly called “public sector”, what’s your experience been transitioning from public to private? How did you end up here doing what you are doing? We imagine you learned a lot from what you just described – how’s that impacted your work at Goo…

1
EP174 How to Measure and Improve Your Cloud Incident Response Readiness: A New Framework 21:33

5M ago21:33

21:33

Guest: Angelika Rohrer, Sr. Technical Program Manager , Cyber Security Response at Alphabet Topics: Incident response (IR) is by definition “reactive”, but ultimately incident prep determines your IR success. What are the broad areas where one needs to prepare? You have created a new framework for measuring how ready you are for an incident, what i…

1
EP173 SAIF in Focus: 5 AI Security Risks and SAIF Mitigations 33:16

5M ago33:16

33:16

Guest: Shan Rao, Group Product Manager, Google Topics: What are the unique challenges when securing AI for cloud environments, compared to traditional IT systems? Your talk covers 5 risks, why did you pick these five? What are the five, and are these the worst? Some of the mitigation seems the same for all risks. What are the popular SAIF mitigatio…

1
EP172 RSA 2024: Separating AI Signal from Noise, SecOps Evolves, XDR Declines? 27:20

6M ago27:20

27:20

Guests: None Topics: What have we seen at RSA 2024? Which buzzwords are rising (AI! AI! AI!) and which ones are falling (hi XDR)? Is this really all about AI? Is this all marketing? Security platforms or focused tools, who is winning at RSA? Anything fun going on with SecOps? Is cloud security still largely about CSPM? Any interesting presentations…

1
EP171 GenAI in the Wrong Hands: Unmasking the Threat of Malicious AI and Defending Against the Dark Side 27:03

6M ago27:03

27:03

Guest: Elie Bursztein, Google DeepMind Cybersecurity Research Lead, Google Topics: Given your experience, how afraid or nervous are you about the use of GenAI by the criminals (PoisonGPT, WormGPT and such)? What can a top-tier state-sponsored threat actor do better with LLM? Are there “extra scary” examples, real or hypothetical? Do we really have …

1
EP170 Redefining Security Operations: Practical Applications of GenAI in the SOC 27:48

6M ago27:48

27:48

Guest: Payal Chakravarty, Director of Product Management, Google SecOps, Google Cloud Topics: What are the different use cases for GenAI in security operations and how can organizations prioritize them for maximum impact to their organization? We’ve heard a lot of worries from people that GenAI will replace junior team members–how do you see GenAI …

1
Data on the Move—Migrating to OneDrive 42:34

6M ago42:34

42:34

Hold onto your hats, it's time for another episode of the Sync Up podcast! This week, hosts Stephen and Arvind are talking to migration and customer experts Vishal Lodha and Yogesh Ratnaparkhi about how to effectively migrate your content to OneDrive, whether you're starting on-prem or with another cloud provider. The team busts common migration my…

1
EP169 Google Cloud Next 2024 Recap: Is Cloud an Island, So Much AI, Bots in SecOps 27:36

6M ago27:36

27:36

Guests: no guests (just us!) Topics: What are some of the fun security-related launches from Next 2024 (sorry for our brief “marketing hat” moment!)? Any fun security vendors we spotted “in the clouds”? OK, what are our favorite sessions? Our own, right? Anything else we had time to go to? What are the new security ideas inspired by the event (you …

1
EP168 Beyond Regular LLMs: How SecLM Enhances Security and What Teams Can Do With It 33:18

7M ago33:18

33:18

Guests: Umesh Shankar, Distinguished Engineer, Chief Technologist for Google Cloud Security Scott Coull, Head of Data Science Research, Google Cloud Security Topics: What does it mean to “teach AI security”? How did we make SecLM? And also: why did we make SecLM? What can “security trained LLM” do better vs regular LLM? Does making it better at sec…

1
EP167 Stolen Cards and Fake Accounts: Defending Google Cloud Against Abuse 25:24

7M ago25:24

25:24

Speakers: Maria Riaz, Cloud Counter-Abuse, Engineering Lead, Google Cloud Topics: What is “counter abuse”? Is this the same as security? What does counter-abuse look like for GCP? What are the popular abuse types we face? Do people use stolen cards to get accounts to then violate the terms with? How do we deal with this, generally? Beyond core tech…

1
Normalizing security data, federated search, and OCSF - Jonathan Rau, VP / Distinguished Engineer at Query 1:04:28

7M ago1:04:28

1:04:28

Jonathan Rau, VP/Distinguished Engineer at Query, explains the process of normalizing security data and the challenges of working with different security tools and APIs. He also simplifies the concept of security data into three categories: structured, semi-structured, and unstructured. Finally, he discusses benefits of unifying security data, and …

1
EP166 Workload Identity, Zero Trust and SPIFFE (Also Turtles!) 30:06

7M ago30:06

30:06

Guests: Evan Gilman, co-founder CEO of Spirl Eli Nesterov, co-founder CTO of Spril Topics: Today we have IAM, zero trust and security made easy. With that intro, could you give us the 30 second version of what a workload identity is and why people need them? What’s so spiffy about SPIFFE anyway? What’s different between this and micro segmentation …

1
Building an open-source CSPM service - Daniel Spangenberg, Staff Cloud Security Engineer at Lyft 58:31

7M ago58:31

58:31

Daniel Spangenberg, Staff Cloud Security Engineer at Lyft, is building an internal cloud security posture management (CSPM) service. Daniel has developed a mental model that looks at cloud security in three components: The past. Data about your current cloud inventory, e.g. your EC2 instances and S3 buckets, to idenfity and remediate misconfigurati…

1
5-step framework for security and compliance programs - Mirko Kater, CISO at Gitpod 1:05:22

7M ago1:05:22

1:05:22

Mirco Kater, Information Security Officer at Gitpod, has taken a few startups from 0 to 1 when it comes to compliance and information security. Mirco has developed a five-step framework: Connect Assess Define Implement Measure For start-ups, security and compliance programs provide access to markets. Mirco highlights the need for collaboration and …

1
EP165 Your Cloud Is Not a Pet - Decoding 'Shifting Left' for Cloud Security 24:34

7M ago24:34

24:34

Guest: Ahmad Robinson, Cloud Security Architect, Google Cloud Topics: You’ve done a BlackHat webinar where you discuss a Pets vs Cattle mentality when it comes to cloud operations. Can you explain this mentality and how it applies to security? What in your past led you to these insights? Tell us more about your background and your journey to Google…

1
EP164 Quantum Computing: Understanding the (very serious) Threat and Post-Quantum Cryptography 31:23

7M ago31:23

31:23

Guest: Jennifer Fernick, Senor Staff Security Engineer and UTL, Google Topics: Since one of us (!) doesn't have a PhD in quantum mechanics, could you explain what a quantum computer is and how do we know they are on a credible path towards being real threats to cryptography? How soon do we need to worry about this one? We’ve heard that quantum comp…

1
Data fabric and digital transformation in cybersecurity - Pramod Gosavi, Investor at 11.2 Capital 1:10:35

7M ago1:10:35

1:10:35

Pramod Gosavi is a former VMWare corporate development executive turned venture investor at 11.2 Capital. Pramod and Lars talk about the current state of cybersecurity and the hurdles for Chief Information Security Officers (CISOs) across the four main areas of cybersecurity: network, endpoint, cloud, and identity security. Pramod makes the case fo…

1
EP163 Cloud Security Megatrends: Myths, Realities, Contentious Debates and Of Course AI 25:54

8M ago25:54

25:54

Guest: Phil Venables, Vice President, Chief Information Security Officer (CISO) @ Google Cloud Topics: You had this epic 8 megatrends idea in 2021, where are we now with them? We now have 9 of them, what made you add this particular one (AI)? A lot of CISOs fear runaway AI. Hence good governance is key! What is your secret of success for AI governa…

Podcasts qui valent la peine d'être écoutés

Cloudsecurity Podcasts

Podcasts qui valent la peine d'être écoutés

Guide de référence rapide