EP32 Can You Ever Know Thyself: Cloud Attack Surface Management
Cloud Security Podcast by Google
English - September 20, 2021 15:31 - 23 minutes - 32.5 MB - ★★★★★ - 33 ratingsTechnology cloudsecurity cloud cybersecurity security Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: EP31 Cloud Certifications, and Cloud Security with TheCertsGuy
Guest:
Derek Abdine, CTO @ Censys.ioTopics:
Attack Surface Management (ASM). Why do we need a new toolset and a new category? Isn’t this just 1980s asset management or CMDB? How do we find those assets that may have been misplaced by the organizations? How can any technology do this reliably? ASM seems to often rely on network layer 3 and 4. Can’t bad guys just hit the app endpoints and all your network is irrelevant then? When you think about the threats organizations face due to unknown assets, is data theft at the top of the stack? What should organizations keep in mind as a priority here? Who at an organization is best set up to receive, triage, investigate, and respond to the alerts about the attack surface? Are there proactive steps organizations can take to prevent shadow IT, or are we stuck responding to each new signal? Isn’t preventing new assets the same as preventing business?Resources:
“Cloud Misconfiguration Mayhem An Analysis of Service Exposure Across Cloud Providers“ “Attack Surface Management Buyer’s Guide”