EP148 Decoding SaaS Security: Demystifying Breaches, Vulnerabilities, and Vendor Responsibilities
Cloud Security Podcast by Google
English - November 12, 2023 23:00 - 29 minutes - 40.9 MB - ★★★★★ - 33 ratingsTechnology cloudsecurity cloud cybersecurity security Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Guest:
Adrian Sanabria, Director of Valence Threat Labs at Valence Security, ex-analyst
Topics:
When people talk about “cloud security” they often forget SaaS, what should be the structured approach to using SaaS securely or securing SaaS?
What are the incidents telling us about the realistic threats to SaaS tools?
Is the Microsoft 365 breach a SaaS breach, a cloud breach or something else?
Do we really need CVEs for SaaS vulnerabilities?
What are the least understood aspects of securing SaaS?
What do you tell the organizations who assume that “SaaS vendor takes care of all SaaS security”?
Isn’t CASB the answer to all SaaS security issues? We also have SSPM now too? Do we really need more tools?
Resources:
EP76 Powering Secure SaaS … But Not with CASB? Cloud Detection and Response?
Valence 2023 State of SaaS Security report
DHS Launches First-Ever Cyber Safety Review Board
Enterprise Security Weekly podcast
CloudVulnDb and another cloud vulnerability list
Cyber Safety Review Board (CSRB) by CISA