SilverLining IL

The podcast for Security Architecture Hosted by Moshe Ferber and Ariel Munafo. The world of sof ... more

Hosted by

Latest Episodes

40

July 21, 2021 00:22:55
SilverLining Episode 40: Protecting SaaS services using automation & continuous monitoring

SilverLining Episode 40: Protecting SaaS services using automation & continuous monitoring

Guest: Adam Gavish Guest Title: Co-Founder and CEO, DoControl.io Topic: Protecting SaaS services using automation & continuous monitoring Abstract: SaaS services are blooming and organizations are adopting more and more of them. In this episode, we hosted Adam Gavish, co-founder, and CEO at DoControl - an innovative startup that is reshaping the way we govern and monitor SaaS applications -  about the business case of SaaS services, the market gaps, and how organizations should catalog, protect and monitor their SaaS portfolio. ...

Listen

39

June 23, 2021 00:29:08
SilverLining Episode 39: Securing API Services

SilverLining Episode 39: Securing API Services

Attendees Guest: Oz Avenstein Guest Title: Founder & CEO @ Avensec - Cloud & Application Security Topic: Securing API Services   Abstract The applicative infrastructure is becoming more and more complex due to different requirements, design patterns, and technologies. In many of these cases, one of those requirements is to connect other parties to systems, and in other cases, to connect systems to other parties. Nowadays, the most common connection method is to use Application Programming Interfaces (APIs). In this episode we spoke with Oz Avenstein, co-author of the CSA Security Guidelines for Providing and Consuming APIs about the guidelines creation process and how organizations should secure access to API resources. ...

Listen

38

May 12, 2021 00:32:43
SilverLining Episode 38: Cloud Native Security Foundations

SilverLining Episode 38: Cloud Native Security Foundations

Attendees Guest: Gadi Naor  Guest Title: VP Software Engineering, Cloud Security @ Rapid7 Topic: Cloud Native Security Foundations Abstract Lately, The CNCF (Cloud Native Computing Foundation) released the cloud native security whitepaper: the first release of security guidelines for organizations who adopt cloud native approaches. In order to better understand the guidelines, we hosted Gadi Naor, VP Software Engineering, Cloud Security @ Rapid7, and co-author of the guidelines, for a conversation about what is cloud native security and why & how organizations should adopt this approach. ...

Listen

37

April 13, 2021 00:27:16
SilverLining Episode 37: Software Package Dependencies Attacks

SilverLining Episode 37: Software Package Dependencies Attacks

Attendees Guest: Tzachi Zornstain Guest Title: Co-Founder & CEO, Dustico Topic: Software Package Dependencies Attacks Abstract Supply chain and software dependencies attacks are becoming more popular, and organizations are having a hard time coping with those types of vectors. In this episode, we spoke with Tzach Zornstain, Co-Founder at Dustico, about the difference between malicious software and vulnerable software, and how organizations should use 3rd party software for the development of their own applications securely. ...

Listen

36

March 09, 2021 00:30:44
Episode 36: Wiz

Episode 36: Wiz

Attendees Guest: Yinon Costica Guest title: VP Product  Abstract Wiz is the new star in the cloud security market, founded by veterans with a proven record and raised over $100M in less than a year of operations. In this episode, we talked with Yinon Costica, Co-Founder and VP Product at Wiz, about cloud security challenges, how is Wiz different from others, and how are they going to disrupt the market.  ...

Listen

35

February 24, 2021 00:33:05
Episode 35: Compliance Automation and Zero Trust Containers

Episode 35: Compliance Automation and Zero Trust Containers

Sponsored By:   ‍‍ Attendees Guest: Malgorzata (Gosia) SteinderGuest title: CTO of Hybrid Cloud Research. IBM researchTopic: Compliance automation and zero trust containers   Abstract Continuous monitoring, containers, zero trust, confidential computing - those are all examples of technologies that will be the main focus in the upcoming years. In this episode, we hosted Malgorzata (Gosia) Steinder, CTO of Hybrid Cloud Research at IBM, who provided her vision on how all those technologies mentioned above, should be integrated into highly secure applications deployments.   Links:  NIST OSCAL standard: https://pages.nist.gov/OSCAL/ Automated compliance Open Source tool  by IBM  https://github.com/IBM/compliance-trestle Security monitoring open source tool by IBM:  https://www.ibm.com/blogs/research/2020/01/sysflow/ workload identity: https://developer.ibm.com/solutions/security/articles/protecting-data-using-secret-management-trusted-service-identity/     ...

Listen