Cloud Security Podcast by Google artwork

EP69 Cloud Threats and How to Observe Them

Cloud Security Podcast by Google

English - June 13, 2022 15:05 - 29 minutes - 40.8 MB - ★★★★★ - 33 ratings
Technology cloudsecurity cloud cybersecurity security Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: EP68 How We Attack AI? Learn More at Our RSA Panel!
Next Episode: EP70 Special - RSA 2022 Reflections - Securing the Past vs Securing the Future

Guest:

James Condon,  Director of Security Research @  Lacework 

Topics:

What are realistic and actually observed cloud threats today? How did you observe them at Lacework? Cloud threats: are they on-premise  style threats to cloud assets? We hate the line “cloud is just somebody else’s computer” but apparently threats actors seem to think so? What is the 2nd most dangerous cloud issue after configuration mistakes? Why is it so common for organizations to have insecure configurations in their cloud environments?  Give me a few examples of the most common mistakes organizations make, and what they can do to avoid those configurations. Cloud malware and  ransomware / RansomOps, are these real risks today? Are we finally seeing the rise of Linux malware at scale (in the cloud)? As multi cloud expands in popularity, what are threat actors doing in this area? Are actors customizing their attacks on a per-cloud basis (AWS, GCP, Azure)?

 Resources:

Lacework 2022 Cloud Threat Report “Securing DevOps: Security in the Cloud” book “Threat Models and Cloud Security” (ep12) Google Threat Horizons Report #1 Google Threat Horizons Report #2