Attendees
Guest: Evgeny Zislis
Guest title: CTO
Company: ProdOPS
Over 90% of IaaS/PaaS security incidents happens on consumer fault. Cloud platforms are complicated, with steep learning curve and it is easy to make mistakes. In this podcast, we talk with Evgeny Zislis, CTO for ProdOPS about the common IaaS/PaaS security mistakes and misconfigurations, categorize them and talk about measures to reduce those mistakes and identify them on time.
Timing:
0:00 – 2:10 - intro and introducing our guest
2:10 - 31:05 - What are the common cloud misconfiguration and mistakes
31:05 - 34:20 Avoiding cloud misconfigurations: the process angle
34:20 - 38:33 Avoiding cloud misconfigurations: the people angle
38:33 - 49:00 Avoiding cloud misconfigurations: the technology angle
49.00 – 52:00 Summary and conclusions
Attendees Guest: Oz Avenstein Guest Title: Founder Company: Avensec Abstract Penetration tests are one of the strongest controls that we use. It is testing the overall resilience of our application and allows us to be more confident in our workloads. But in the cloud era, cloud applications pen testing needs to be coordinated with the providers. In this episode we talk with Oz Avenstein, an application security expert, about the challenges of cloud penetration testing and how to do it correctly. Timing: 0.50 introducing our guest 3.40 How is cloud penetration tests different from regular pen tests? 5.01 elaborating about IaaS/PaaS particular pen test policies 8.45 pen testing SaaS applications 11.05 relaying on 3rd party pen testing 12.02 cloud pen test considerations and phases 17.35 the actual pen testing 21.20 the reporting phase 23.40 incorporating pen test into applications development cycle 34:00 Summary and last words ...
Guest: Ravid Circus Guest title: Co-Founder, Seemplicity Language: English Abstract As organizations develop more software, and in faster cycles, greater responsibility is laid on security teams who have a full-stack responsibility for infrastructure, applications, IT services and many other aspects in the business. In this episode we spoke with Ravid Circus co-founder and CPO at Seemplicity to understand how security teams can efficiently scale their risk reduction efforts and interact with their counterparts productively by using digital workflows for security operations. ...
Guest: David W. Schropfer Guest Title: Host of DIY Cyber Guy Podcast Abstract: Many IT & security professionals are asking what Is the best way to enter the world of cloud computing. In this episode we had the privilege of cooperating with David W. Schropfer from the successful podcast DIY cyber guy to discuss the career paths that are relevant for beginners or experienced professionals who wish to explore how cloud computing can promote their career. ...