Cloud Security Podcast artwork

Secure your SaaS applications like this!

Cloud Security Podcast

English - November 21, 2023 18:00 - 42 minutes - 39.1 MB - ★★★★★ - 52 ratings
Education Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: Threat Detection for not so Common Cloud Services
Next Episode: Attack Path Analysis for Better Kubernetes Security

SaaS Applications support large companies, small startups. We inevitably accumulate SAAS applications to manage our employees, payroll, communication with things like Workday, Slack, Salesforce and now even things like ChatGPT. But how do you find out what you have and if they are secure. We spoke about all things SSPM with Max Feldman who has done Product Security for years at companies like Slack, Salesforce and now AppOmni.




Thank you to our episode sponsor AppOmni


You can get a copy of their SaaS Security Posture Management Report 2023 here


Guest Socials: Max's Linkedin ⁠(@maxfeldman14)⁠


Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠


If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:


- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠


⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp⁠




Questions asked:


(00:00) Introduction


(04:20) A bit about Max


(04:48) What is a SaaS application?


(05:45) What is SSPM?


(09:33) When to consider a SSPM?


(15:45) SaaS and the Cloud


(16:39) SaaS Attack Surface


(19:34) CASB vs SSPM


(24:00) Is ChatGPT a SaaS application?


(25:07) SSPM vs CSPM + CNAPP


(27:33) SSO and Onboarding


(29:21) Starting a SaaS Security Program


(36:48) Challenges with SaaS Security Program


(41:50) Where you can find Max!

Twitter Mentions