Cloud Security Today artwork

Cloud Threat Report Vol 6

Cloud Security Today

English - December 21, 2022 11:00 - 44 minutes - 30.8 MB - ★★★★★ - 13 ratings
Technology devsecops cloud security cloud aws azure google supply chain Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: Pockets of Innovation
Next Episode: SEC-retly Telling All: The New Cyber-Disclosure Rules

This episode of the Cloud Security Today podcast welcomes back favorite special guests Jay Chen and Nathaniel “Q” Quist to unpack the latest Cloud Threat Report. Join host Matt Chiodi as he shares insights from the report and analyzes the current state of cloud security.

Beginning with an in-depth look at Identity and Access Management (IAM) in cloud security, the guests talk about the latest changes in cloud security. They discuss the report’s findings on permissions and what cloud systems providers are currently doing (or not doing) to help keep cloud data secure. At the end of the episode, Jay and Q give tips on how to stay up-to-date on developments in the cloud security landscape and reveal the next projects that they’re working on. 

If you enjoyed this episode, you can show your support for the podcast by rating and reviewing it and by subscribing to Cloud Security Today wherever you listen to podcasts. 

 

Show Notes/Timestamps

[2:11] Matt welcomes repeat guests Jay and Q onto the show

[3:36] So, what’s changed for Identity and Access Management over the last year? 

[8:05] Jay lays out what makes good cloud governance so difficult

[11:50] Complicating factors in cloud security

[14:22] What does the research show about permissions and over permissions on cloud systems? 

[17:28] “When you can’t figure out what to do, you add more permissions:” How permissions multiply

[20:19] Are cloud service providers helping or hindering cloud security?

[24:03] Debating the Infrastructure as Code framework

[28:13] Q breaks down the Cloud Threat Actor Index 

[31:32] Q’s top five bad actors on the cloud security landscape

[35:11] Jay gives his recommendations for IAM

[39:55] How you can stay up-to-date on the latest developments in cloud security

[42:10] The next projects that Jay and Q are working on


Links

Check out this episode’s sponsor, Prisma Cloud

Unit 42 reports

IAM-Deescalate Tool

Cloud Sec List

Secure applications from code to cloud.
Prisma Cloud, the most complete cloud-native application protection platform (CNAPP).

Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.