Cloud Security Podcast by Google
171 episodes - English - Latest episode: 5 days ago - ★★★★★ - 31 ratingsCloud Security Podcast by Google focuses on security in the cloud, delivering security from the cloud, and all things at the intersection of security and cloud. Of course, we will also cover what we are doing in Google Cloud to help keep our users' data safe and workloads secure.
We’re going to do our best to avoid security theater, and cut to the heart of real security questions and issues. Expect us to question threat models and ask if something is done for the data subject’s benefit or just for organizational benefit.
We hope you’ll join us if you’re interested in where technology overlaps with process and bumps up against organizational design. We’re hoping to attract listeners who are happy to hear conventional wisdom questioned, and who are curious about what lessons we can and can’t keep as the world moves from on-premises computing to cloud computing.
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
EP169 Google Cloud Next 2024 Recap: Is Cloud an Island, So Much AI, Bots in SecOps
April 22, 2024 14:11 - 27 minutes - 38 MBGuests: no guests (just us!) Topics: What are some of the fun security-related launches from Next 2024 (sorry for our brief “marketing hat” moment!)? Any fun security vendors we spotted “in the clouds”? OK, what are our favorite sessions? Our own, right? Anything else we had time to go to? What are the new security ideas inspired by the event (you really want to listen to this part! Because “freatures”...) Any tricky questions at the end? Resources: Live video (LinkedIn, YouTube) [...
EP168 Beyond Regular LLMs: How SecLM Enhances Security and What Teams Can Do With It
April 15, 2024 14:11 - 33 minutes - 30.6 MBGuests: Umesh Shankar, Distinguished Engineer, Chief Technologist for Google Cloud Security Scott Coull, Head of Data Science Research, Google Cloud Security Topics: What does it mean to “teach AI security”? How did we make SecLM? And also: why did we make SecLM? What can “security trained LLM” do better vs regular LLM? Does making it better at security make it worse at other things that we care about? What can a security team do with it today? What are the “starter use cases” for S...
EP167 Stolen Cards and Fake Accounts: Defending Google Cloud Against Abuse
April 08, 2024 14:11 - 25 minutes - 34.9 MBSpeakers: Maria Riaz, Cloud Counter-Abuse, Engineering Lead, Google Cloud Topics: What is “counter abuse”? Is this the same as security? What does counter-abuse look like for GCP? What are the popular abuse types we face? Do people use stolen cards to get accounts to then violate the terms with? How do we deal with this, generally? Beyond core technical skills, what are some of the relevant competencies for working in this space that would appeal to a diverse set of audience? You ...
EP166 Workload Identity, Zero Trust and SPIFFE (Also Turtles!)
April 01, 2024 14:11 - 30 minutes - 41.4 MBGuests: Evan Gilman, co-founder CEO of Spirl Eli Nesterov, co-founder CTO of Spril Topics: Today we have IAM, zero trust and security made easy. With that intro, could you give us the 30 second version of what a workload identity is and why people need them? What’s so spiffy about SPIFFE anyway? What’s different between this and micro segmentation of your network–why is one better or worse? You call your book “solving the bottom turtle” could you tell us what that means? What are...
EP165 Your Cloud Is Not a Pet - Decoding 'Shifting Left' for Cloud Security
March 25, 2024 14:11 - 24 minutes - 33.8 MBGuest: Ahmad Robinson, Cloud Security Architect, Google Cloud Topics: You’ve done a BlackHat webinar where you discuss a Pets vs Cattle mentality when it comes to cloud operations. Can you explain this mentality and how it applies to security? What in your past led you to these insights? Tell us more about your background and your journey to Google. How did that background contribute to your team? One term that often comes up on the show and with our customers is 'shifting left.' ...
EP164 Quantum Computing: Understanding the (very serious) Threat and Post-Quantum Cryptography
March 18, 2024 14:11 - 31 minutes - 43.2 MBGuest: Jennifer Fernick, Senor Staff Security Engineer and UTL, Google Topics: Since one of us (!) doesn't have a PhD in quantum mechanics, could you explain what a quantum computer is and how do we know they are on a credible path towards being real threats to cryptography? How soon do we need to worry about this one? We’ve heard that quantum computers are more of a threat to asymmetric/public key crypto than symmetric crypto. First off, why? And second, what does this difference mean f...
EP163 Cloud Security Megatrends: Myths, Realities, Contentious Debates and Of Course AI
March 11, 2024 15:11 - 25 minutes - 35.6 MBGuest: Phil Venables, Vice President, Chief Information Security Officer (CISO) @ Google Cloud Topics: You had this epic 8 megatrends idea in 2021, where are we now with them? We now have 9 of them, what made you add this particular one (AI)? A lot of CISOs fear runaway AI. Hence good governance is key! What is your secret of success for AI governance? What questions are CISOs asking you about AI? What questions about AI should they be asking that they are not asking? Which one ...
EP162 IAM in the Cloud: What it Means to Do It 'Right' with Kat Traxler
March 04, 2024 15:11 - 28 minutes - 38.7 MBGuest: Kat Traxler, Security Researcher, TrustOnCloud Topics: What is your reaction to “in the cloud you are one IAM mistake away from a breach”? Do you like it or do you hate it? A lot of people say “in the cloud, you must do IAM ‘right’”. What do you think that means? What is the first or the main idea that comes to your mind when you hear it? How have you seen the CSPs take different approaches to IAM? What does it mean for the cloud users? Why do people still screw up IAM in the cl...
EP161 Cloud Compliance: A Lawyer - Turned Technologist! - Perspective on Navigating the Cloud
February 26, 2024 17:06 - 27 minutes - 38 MBGuest: Victoria Geronimo, Cloud Security Architect, Google Cloud Topics: You work with technical folks at the intersection of compliance, security, and cloud. So what do you do, and where do you find the biggest challenges in communicating across those boundaries? How does cloud make compliance easier? Does it ever make compliance harder? What is your best advice to organizations that approach cloud compliance as they did for the 1990s data centers and classic IT? What has been the m...
EP160 Don't Cloud Your Judgement: Security and Cloud Migration, Again!
February 19, 2024 15:11 - 27 minutes - 37.9 MBGuest: Merritt Baer, Field CTO, Lacework, ex-AWS, ex-USG Topics: How can organizations ensure that their security posture is maintained or improved during a cloud migration? Is cloud migration a risk reduction move? What are some of the common security challenges that organizations face during a cloud migration? Are there different gotchas between the three public clouds? What advice would you give to those security leaders who insist on lift/shift or on lift/shift first? How should...
EP159 Workspace Security: Built for the Modern Threat. But How?
February 12, 2024 15:11 - 25 minutes - 35.1 MBGuests: Emre Kanlikilicer, Senior Engineering Manager @ Google Sophia Gu, Engineering Manager at Google Topics Workspace makes the claim that unlike other productivity suites available today, it’s architectured for the modern threat landscape. That’s a big claim! What gives Google the ability to make this claim? Workspace environments would have many different types of data, some very sensitive. What are some of the common challenges with controlling access to data and protecting dat...
EP158 Ghostbusters for the Cloud: Who You Gonna Call for Cloud Forensics
February 05, 2024 15:01 - 21 minutes - 29.7 MBGuest: Jason Solomon, Security Engineer, Google Topics: Could you share a bit about when you get pulled into incidents and what are your goals when you are? How does that change in the cloud? How do you establish a chain of custody and prove it for law enforcement, if needed? What tooling do you rely on for cloud forensics and is that tooling available to "normal people"? How do we at Google know when it’s time to call for help, and how should our customers know that it’s time? Can ...
EP157 Decoding CDR & CIRA: What Happens When SecOps Meets Cloud
January 29, 2024 15:11 - 25 minutes - 35 MBGuest: Arie Zilberstein, CEO and Co-Founder at Gem Security Topics: How does Cloud Detection and Response (CDR) differ from traditional, on-premises detection and response? What are the key challenges of cloud detection and response? Often we lift and shift our teams to Cloud, and not always for bad reasons, so what’s your advice on how to teach the old dogs new tricks: “on-premise-trained” D&R teams and cloud D&R? What is this new CIRA thing that Gartner just cooked up? Should CIRA...
EP156 Living Off the Land and Attacking Critical Infrastructure: Mandiant Incident Deep Dive
January 22, 2024 15:11 - 25 minutes - 34.7 MBGuest: Sandra Joyce, VP at Mandiant Intelligence Topics: Could you give us a brief overview of what this power disruption incident was about? This incident involved both Living Off the Land and attacks on operational technology (OT). Could you explain to our audience what these mean and what the attacker did here? We also saw a wiper used to hide forensics, is that common these days? Did the attacker risk tipping their hand about upcoming physical attacks? If we’d seen this intrusion ...
EP155 Cyber, Geopolitics, AI, Cloud - All in One Book?
January 15, 2024 15:11 - 38 minutes - 53.1 MBGuests: Derek Reveron, Professor and Chair of National Security at the US Naval War College John Savage, An Wang Professor Emeritus of Computer Science of Brown University Topics: You wrote a book on cyber and war, how did this come about and what did you most enjoy learning from the other during the writing process? Is generative AI going to be a game changer in international relations and war, or is it just another tool? You also touch briefly on lethal autonomous weapons systems ...
EP154 Mike Schiffman: from Blueboxing to LLMs via Network Security at Google
January 08, 2024 15:11 - 35 minutes - 49.1 MBGuest: Mike Schiffman, Network Security “UTL” Topics: Given your impressive and interesting history, tell us a few things about yourself? What are the biggest challenges facing network security today based on your experience? You came to Google to work on Network Security challenges. What are some of the surprising ones you’ve uncovered here? What lessons from Google's approach to network security absolutely don’t apply to others? Which ones perhaps do? If you have to explain the diff...
EP153 Kevin Mandia on Cloud Breaches: New Threat Actors, Old Mistakes, and Lessons for All
December 18, 2023 15:11 - 28 minutes - 39.5 MBGuest: Kevin Mandia, CEO at Mandiant, part of Google Cloud Topics: When you look back, what were the most surprising cloud breaches in 2023, and what can we learn from them? How were they different from the “old world” of on-prem breaches? For a long time it’s felt like incident response has been an on-prem specialization, and that adversaries are primarily focused on compromising on-prem infrastructure. Who are we seeing go after cloud environments? The same threat actors or not? Coul...
EP152 Trust, Security and Google's Annual Transparency Report
December 11, 2023 15:11 - 26 minutes - 35.8 MBGuest: Michee Smith, Director, Product Management for Global Affairs Works, Google Topics: What is Google Annual Transparency Report and how did we get started doing this? Surely the challenge of a transparency report is that there are things we can’t be transparent about, how do we balance this? What are those? Is it a safe question? What Access Transparency Logs are and if they are connected to the report –other than in Tim's mind and your career? Beyond building the annual transpa...
EP151 Cyber Insurance in the Cloud Era: Balancing Protection, Data and Risks
December 04, 2023 15:11 - 26 minutes - 35.9 MBGuest: Monica Shokrai, Head Of Business Risk and Insurance For Google Cloud Topics: Could you give us the 30 second run down of what cyber insurance is and isn't? Can you tie that to clouds? How does the cloud change it? Is it the case that now I don't need insurance for some of the "old school" cyber risks? What challenges are insurers facing with assessing cloud risks? On this show I struggle to find CISOs who "get" cloud, are there insurers and underwriters who get it? We recently ...
EP150 Taming the AI Beast: Threat Modeling for Modern AI Systems with Gary McGraw
November 27, 2023 15:00 - 26 minutes - 36.2 MBGuest: Dr Gary McGraw, founder of the Berryville Institute of Machine Learning Topics: Gary, you’ve been doing software security for many decades, so tell us: are we really behind on securing ML and AI systems? If not SBOM for data or “DBOM”, then what? Can data supply chain tools or just better data governance practices help? How would you threat model a system with ML in it or a new ML system you are building? What are the key differences and similarities between securing AI and se...
EP149 Canned Detections: From Educational Samples to Production-Ready Code
November 20, 2023 15:11 - 28 minutes - 39.4 MBGuests: John Stoner, Principal Security Strategist, Google Cloud Security Dave Herrald, Head of Adopt Engineering, Google Cloud Security Topics: In your experience, past and present, what would make clients trust vendor detection content? Regarding “canned”, default or “out-of-the-box” detections, how to make them more production quality and not merely educational samples to learn from? What is more important, seeing the detection or being able to change it, or both? If this is about ...
EP148 Decoding SaaS Security: Demystifying Breaches, Vulnerabilities, and Vendor Responsibilities
November 12, 2023 23:00 - 29 minutes - 40.9 MBGuest: Adrian Sanabria, Director of Valence Threat Labs at Valence Security, ex-analyst Topics: When people talk about “cloud security” they often forget SaaS, what should be the structured approach to using SaaS securely or securing SaaS? What are the incidents telling us about the realistic threats to SaaS tools? Is the Microsoft 365 breach a SaaS breach, a cloud breach or something else? Do we really need CVEs for SaaS vulnerabilities? What are the least understood aspects of secu...
EP147 Special: 2024 Google Cloud Security Forecast Report
November 08, 2023 16:35 - 22 minutes - 31.4 MBGuest: Kelli Vanderlee, Senior Manager, Threat Analysis, Mandiant at Google Cloud Topics: Can you really forecast threats? Won’t the threat actors ultimately do whatever they want? How can clients use the forecast? Or as Tim would say it, what gets better once you read it? What is the threat forecast for cloud environments? It says “Cyber attacks targeting hybrid and multi-cloud environments will mature and become more impactful“ - what does it mean? Of course AI makes an appearance a...
EP146 AI Security: Solving the Problems of the AI Era: A VC's Insights
November 05, 2023 22:00 - 24 minutes - 33.6 MBGuest: Wei Lien Dang, GP at Unusual Ventures Topics: We have a view at Google that AI for security and security for AI are largely separable disciplines. Do you feel the same way? Is this distinction a useful one for you? What are some of the security problems you're hearing from AI companies that are worth solving? AI is obviously hot, and as always security is chasing the hotness. Where are we seeing the focus of market attention for AI security? Does this feel like an area that'...
EP145 Cloud Security: Shared Responsibility, Shared Fate, Shared Faith?
October 29, 2023 23:00 - 20 minutes - 28.4 MBGuest: Jay Thoden van Velzen, Strategic Advisor to the CSO, SAP Topics: What are the challenges with shared responsibility for cloud security? Can you explain "shared" vs "separated" responsibility? In your article, you mention “shared faith”, we have “shared fate”, but we never heard of shared faith. What is this? Can you explain? What about the cloud models (SaaS, PaaS, IaaS), how does this sharing model differ? While at it, what is cloud, really? [yes, we really did ask this!] ...
EP144 LLMs: A Double-Edged Sword for Cloud Security? Weighing the Benefits and Risks of Large Language Models
October 23, 2023 14:11 - 29 minutes - 40 MBGuest: Kathryn Shih, Group Product Manager, LLM Lead in Google Cloud Security Topics: Could you give our audience the quick version of what is an LLM and what things can they do vs not do? Is this “baby AGI” or is this a glorified “autocomplete”? Let’s talk about the different ways to tune the models, and when we think about tuning what are the ways that attackers might influence or steal our data? Can you help our security listener leaders have the right vocabulary and concepts to rea...
EP143 Cloud Security Remediation: The Biggest Headache?
October 16, 2023 14:11 - 25 minutes - 35.7 MBGuests: Tomer Schwartz, Dazz CTO Topics: It seems that in many cases the challenge with cloud configuration weaknesses is not their detection, but remediation, is that true? As far as remediation scope, do we need to cover traditional vulnerabilities (in stock and custom code), configuration weaknesses and other issues too? One of us used to cover vulnerability management at Gartner, and in many cases the remediation failures [on premise] were due to process, not technology, breakdown...
EP142 Cloud Security Podcast Ask Me Anything #AMA 2023
October 09, 2023 14:11 - 32 minutes - 45.1 MBHost: Stephanie Wong, Product Manager, Google Cloud Guests (yes, really, we are the guests!): Anton Chuvakin Tim Peacock Topics: Could you tell us how you ended up in security? What was the moment you realized that Cloud security was different from well, regular, security? Anton is always asking this “3AM test”, where did that come from? How do you source topics for the podcast? What advice would you give to folks who are interested in getting into security? … and other fun ques...
EP141 Cloud Security Coast to Coast: From 2015 to 2023, What's Changed and What's the Same?
October 02, 2023 17:13 - 25 minutes - 46.7 MBGuest: Jeremiah Kung, Global Head of Information Security, AppLovin Topics: Before we dive into all of the awesome cloud migrations you’ve experienced and your learnings there, could we start with a topic of East vs West CISO mentality? We are talking to more and more CISOs who see the cloud as a net win for security. What’s your take on whether the cloud improves security? We talked about doing some “big” cloud migrations, could you talk about what you learned back in 2015 about the ...
EP140 System Hardening at Google Scale: New Challenges, New Solutions
September 25, 2023 14:11 - 27 minutes - 37.6 MBGuest: Andrew Hoying, Senior Security Engineering Manager @ Google Topics: What is different about system hardening today vs 20 years ago? Also, what is special about hardening systems at Google massive scale? Can I just apply CIS templates and be done with it? Part of hardening has to be following up with developers after they have un-hardened things – how do we operationalize that at scale without getting too much in the way of productivity? A part of hardening has got to be resp...
EP139 What is Chronicle? Beyond XDR and into the Next Generation of Security Operations
September 18, 2023 12:11 - 24 minutes - 33.4 MBGuest: Chris Corde, Sr Director of Product Management - Security Operations, Google Cloud Topics: You cover many products, but let’s focus on Chronicle today. An easy question: Chronicle isn’t an XDR, so what is it? Since you’ve joined the team, what’re you most proud of shipping to clients? Could you share more about the Mandiant acquisition, what’s been a happy surprise and what are you looking forward to making available to customers? Some believe that good security operations succ...
EP138 Terraform for Security Teams: How to Use IaC to Secure the Cloud
September 11, 2023 13:37 - 30 minutes - 41.6 MBGuest: Rosemary Wang, Developer Advocate at HashiCorp Topics: Could you give us a 2 minute picture on what Terraform is, what stages of the cloud lifecycle it is relevant for, and how it intersects with security teams? How can Terraform be used for security automation? How should security teams work with DevOps teams to use it? What are some of the obvious and not so obvious security challenges of using Terraform? How can security best practices be applied to infrastructure instantiat...
EP137 Next 2023 Special: Conference Recap - AI, Cloud, Security, Magical Hallway Conversations
September 05, 2023 13:53 - 23 minutes - 32.4 MBGuests: no guests, all banter, all very fun :-) Topics: How is Google Next this year? What is new in cloud security? Is Google finally a security vendor? What are some of the fun security presentations we've seen, including our own? Any impactful launches in security? What was the most interesting overall? Resources: “Next 2023 Special: Building AI-powered Security Tools - How Do We Do It?” (ep136) “RSA 2023 - What We Saw, What We Learned, and What We're Excited About” (ep119) ...
EP136 Next 2023 Special: Building AI-powered Security Tools - How We Do It?
August 28, 2023 19:42 - 21 minutes - 29.6 MBGuest: Eric Doerr, VP of Engineering, Google Cloud Security Topics: You have a Next presentation on AI, what is the most exciting part for you? We care both about securing AI and using AI for security. How do you organize your thinking about it? Executive surveys imply that trusting an AI (for business) is still an issue. How can we trust AI for security? What does it mean to “trust AI” in this context? How should defenders think about threat modeling AI systems? Back to using A...
EP135 AI and Security: The Good, the Bad, and the Magical
August 21, 2023 13:42 - 25 minutes - 35.6 MBGuest: Phil Venables (@philvenables), Vice President, Chief Information Security Officer (CISO) @ Google Cloud Topics: Why is AI a game-changer for security? Can we even have game-changers in cyber security? Is it more detection or is it more reducing toil and making humans more productuve? What are you favorite AI for security use cases? What “AI + security” issue makes you - a classic CISO question here - lose sleep at night? Does AI help defenders or attackers more? Won’t attacker...
EP134 How to Prioritize UX and Security in the Cloud: UX as a Security Capability
August 14, 2023 14:11 - 26 minutes - 35.9 MBGuest: Steph Hay , Director of UX, Google Cloud Security Topics: The importance of User Experience (UX) in security is so obvious – though it isn’t to a lot of people! Could we talk about the importance of UX in security? UX and security in general have an uneasy relationship, and security is harmed by bad UX, it also feels like bad UX can be a security issue. What is your take on this? How do you think about prioritizing your team’s time between day zero vs day n experiences for users...
EP133 The Shared Problem of Alerting: More SRE Lessons for Security
August 07, 2023 14:01 - 35 minutes - 49.5 MBGuest: Steve McGhee, Reliability Advocate at Google Cloud Aron Eidelman, Developer Relations Engineer at Google Cloud Topics: What is the shared problem for SRE and security when it comes to alerting? Why is there reluctance to reduce noise? How do SREs, security practitioners, and other stakeholders define “incident” and “risk”? How does involving an “adversary” change the way people think about an incident, even if the impact is identical? Which SRE alerting lessons do NOT apply ...
EP132 Chaos Engineering for Security: How to Improve Software Resilience with Kelly Shortridge
July 31, 2023 13:55 - 36 minutes - 50.1 MBGuest: Kelly Shortridge, Senior Principal Engineer in the Office of the CTO at Fastly Topics: So what is Security Chaos Engineering? “Chapter 5. Operating and Observing” is Anton’s favorite. One thing that mystifies me, however, is that you outline how to fail with alerts (send too many), but it is not entirely clear how to practically succeed with them? How does chaos engineering help security alerting / detection? How chaos engineering (or is it really about software resilience?) i...
EP131 A Deep Dive into Google's Assured OSS: How Google Secures the Software You Use
July 24, 2023 14:11 - 26 minutes - 35.9 MBGuests: Himanshu Khurana, Engineering Manager, Google Cloud Rahul Gupta, Product Manager for Assured OSS, Google Cloud Topics: For the software you’re supporting in Assured Open Source your team discovered 50% of the CVEs reported in them this year. How did that happen? So what is Assured Open Source? Do we really guarantee its security? What does “guarantee” here mean? What’re users actually paying for here? What’s the Google magic here and why are we doing this? Do we really aud...
EP130 Cloud is Secure: Are you Using It Securely - True or False?
July 17, 2023 12:11 - 34 minutes - 47.4 MBGuest: Steve Riley, Field CTO, Netskope, ex-Gartner Research VP Topics: Analysts (well, like Steve and Anton in the past?) say that “cloud is secure, but clients just aren’t using it securely”, what is your reaction to this today? When clients hear “use cloud securely”, what do you think comes to their minds? How would you approach planning for secure use of the cloud or using cloud securely? What is your view of cloud defense in depth (DiD) or layered defenses? How do you suggest ...
EP129 How CISO Cloud Dreams and Realities Collide
July 10, 2023 14:11 - 31 minutes - 43 MBGuest: Rick Doten, VP, Information Security at Centene Corporation, CISO Carolina Complete Health Topics: What are the realistic cloud risks today for an organization using public cloud? Is the vendor lock-in on that list? What other risks everybody thinks are real, but they are not? What do you tell people who in 2023 still think “they can host Exchange better themselves” and have silly cloud fears? What do you tell people who insist on “copy/pasting” all their security technology...
EP128 Building Enterprise Threat Intelligence: The Who, What, Where, and Why
July 03, 2023 14:11 - 27 minutes - 37.2 MBGuest: John Doyle, Principle Intelligence Enablement Consultant at Mandiant / Google Cloud Topics: You have created a new intelligence class focused on building enterprise threat intelligence capability, so what is the profile of an organization and profile for a person that benefits the most from the class? There are many places to learn threat intel (TI), what is special about your new class? You talk about country cyber operations in the class, so what is the defender - relevant d...
EP127 Is IAM Really Fun and How to Stay Ahead of the Curve in Cloud IAM?
June 26, 2023 14:11 - 30 minutes - 41.4 MBGuest: Ian Glazer, founder at Weave Identity, ex-Gartner, ex-SVP of Products at Salesforce, co-founder of IDPro Topics: OK, tell us why Identity and Access Management (IAM) is exciting (is it exciting?) Could you also explain why IAM is even more exciting in the cloud? Are you really “one IAM mistake away from a breach” in the cloud? What advice would you give to someone new to IAM? How to not just “learn IAM in the cloud” but to keep learning IAM? Is what I know about IAM in AWS t...
EP126 What is Policy as Code and How Can It Help You Secure Your Cloud Environment?
June 19, 2023 14:11 - 31 minutes - 43.6 MBGuests: Dominik Richter, the founder and head of product at Mondoo Cooked questions: What is a policy, is that the same as a control, or is there a difference? And what’s the gap between a policy and a guardrail? We have IaC, so what is this Policy as Code? Is this about security policy or all policies for cloud? Who do I hire to write and update my policy as code? Do I need to be a coder to create policy now? Who should own the implementation of Policy as Code? Is Policy as Code som...
EP125 Will SIEM Ever Die: SIEM Lessons from the Past for the Future
June 12, 2023 14:11 - 29 minutes - 40.9 MBGuest: David Swift, Security Strategist at Netenrich Topics: Which old Security Information and Event Management (SIEM) lessons apply today? Which old SIEM lessons absolutely do not apply today and will harm you? What are the benefits and costs of SIEM in 2023? What are the top cloud security use cases for SIEM in 2023? What are your favorite challenges with SIEM in 2023 special in the cloud? Are they different from, say, 2013 or perhaps 2003? Do you think SIEM can ever die? Resou...
EP124 Safe Browsing: Lessons from How Google Secures Five Billion Devices at Low False Positive Rates
June 05, 2023 14:11 - 25 minutes - 34.5 MBGuest: Panos Mavrommatis, Senior Engineering Director at Google Cloud Topics: Could you give us the 30 second overview of our favorite “billion user security product” - SafeBrowsing - and, since you were there, how did it get started? SafeBrowsing is a consumer and business product – are you mitigating the same threats and threat models on each side? Making this work at scale can’t be easy, anytime we’re talking about billion device protection, there are massive scale questions. How did...
EP123 The Good, the Bad, and the Epic of Threat Detection at Scale with Panther
May 29, 2023 14:11 - 39 minutes - 54.2 MBGuest: Jack Naglieri, Founder and CEO at Panther Topics: What is good detection, defined at micro-level for a rule or a piece of detection content? What is good detection, defined at macro-level for a program at a company? How to reliably produce good detection content at scale? What is a detection content lifecycle that reliably produces good detections at scale? What is the purpose of a SIEM today? Where do you stand on a classic debate on vendor-written vs customer-created detec...
EP122 Firewalls in the Cloud: How to Implement Trust Boundaries for Access Control
May 22, 2023 12:21 - 34 minutes - 46.9 MBGuest: Michele Chubirka, Senior Cloud Security Advocate, Google Cloud Topics: So, if somebody wakes you up at 3AM (“Anton’s 3AM test”) and asks “Do we need firewalls in the cloud?” what would you say? Firewalls (=virtual appliances in the cloud or routing cloud traffic through physical firewalls) vs firewalling (=controlling network access) in the cloud, do they match the cloud-native realities? How do you implement trust boundaries for access control with cloud-native options? Can you...
EP121 What Happens Here Stays Here: Confidential City (and Space)
May 15, 2023 12:57 - 31 minutes - 43.2 MBGuests: Nelly Porter, Group Product Manager, Google Cloud Rene Kolga, Senior Product Manager, Google Cloud Topics: Could you remind our listeners what confidential computing is? What threats does this stop? Are these common at our clients? Are there other use cases for this technology like compliance or sovereignty? We have a new addition to our Confidential Computing family - Confidential Space. Could you tell us how it came about? What new use cases does this bring for clients? ...
EP120 Building Secure Cloud and Building Security Products: Finding the Balance
May 08, 2023 14:14 - 26 minutes - 35.7 MBGuest: Jeff Reed, VP of Product, Cloud Security @ Google Cloud Topics: You’ve had a long career in software and security, what brought you to Google Cloud Security for this role? How do you balance the needs of huge global financials that often ask for esoteric controls (say EKM with KAJ) vs the needs of SMBs that want easy yet effective, invisibility security? We’ve got an interesting split within our security business: some of our focus is on making Google Cloud more secure, while so...