![Cloud Security Today artwork](https://is4-ssl.mzstatic.com/image/thumb/Podcasts114/v4/a4/84/86/a4848617-7d53-ef4e-cb34-eb73f8e72cd0/mza_16890940465504420472.jpg/100x100bb.jpg)
Building a SaaS security program
Cloud Security Today
English - June 23, 2024 10:00 - 50 minutes - 34.8 MB - ★★★★★ - 13 ratingsTechnology devsecops cloud security cloud aws azure google supply chain Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
This month, we welcome Swathi Joshi, VP of SaaS Cloud Security at Oracle, to discuss key moments and decisions that shaped her career path, including rejections from Google and Twitter. She emphasizes the importance of learning from rejection and seeking feedback to improve. Swathi also shares insights on the role of mentors and advises on finding and working with mentors. In the second part of the conversation, she discusses building a SaaS security program as an enterprise consumer of SaaS. She highlights the importance of addressing misconfigurations, ensuring visibility and access control, and meeting compliance needs.
Swathi also suggests asking about backup and exploring risk scoring for vendors. In this conversation, Swathi discusses best practices for managing vendor risk, vulnerability management through third parties, and incident response in SaaS applications. She also shares insights on privacy operations and critical privacy controls in SaaS. Swathi emphasizes the importance of collaboration, robust incident response plans, and data lifecycle management. She also highlights the need for identity and access control and the challenges of normalizing incident response across different SaaS platforms. Swathi's leadership philosophy is collaborative and pace-setting, and she emphasizes the importance of stress management.
Takeaways
Links
Privacy Operations Template
Swathi's LI Profile
Chapters
00:00 Navigating Career Challenges and Learning from Rejection
08:13 The Role of Mentors in Career Growth
15:26 Building a Strong SaaS Security Program
21:20 Meeting Compliance Needs in a SaaS Environment
21:56 Backup and Risk Scoring for SaaS Vendors
22:38 Managing Vendor Risk
26:12 Improving Vulnerability Management through Third Parties
26:35 Navigating Incident Response in SaaS Applications
34:03 Operationalizing Privacy Operations in SaaS
40:50 The Importance of Collaboration in Leadership
43:04 Managing Stress for Effective Leadership
Prisma Cloud, the most complete cloud-native application protection platform (CNAPP).
Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.