Episode 6: The Cloud Octagon Model Framework for Cloud Adoption

Episode 6 August 12, 2019 00:33:45
Episode 6: The Cloud Octagon Model Framework for Cloud Adoption
SilverLining IL
Episode 6: The Cloud Octagon Model Framework for Cloud Adoption
/

Hosted By

Moshe Ferber Ariel Munafo

Show Notes

Attendees

Guest: Olaf Streutker

Guest title: CISO Advisor

Company: ABN Amro

Abstract

The Cloud Octagon Model is a new framework for cloud adoption (mostly SaaS adoption). The model was designed in cooperation between ABN-Amro and the Cloud Security Alliance and assists organizations to identify, represent, and assess risks in the context of their cloud implementation across multiple factors by introducing a logical approach to holistically dealing with security aspects involved in moving to the cloud.

Link to CSA Cloud Octagon Model:

https://cloudsecurityalliance.org/artifacts/cloud-octagon-model/

 

Timing

 

0:00

Intro and introducing the guest and ABN Amro cloud adoption methodology

12:10

The evolution of the Cloud Octagon Model and basic concepts

11:28 

How ABN-Amro are dealing with IaaS/PaaS vs. SaaS

15:30

The different phases of the Cloud Octagon Model: Classification

20.30

Core banking applications in the cloud

24.20

The different phases of the Cloud Octagon Model

31.20

Summary and conclusions

 

Episode Transcript

No transcript available...

Other Episodes

Episode 25

September 01, 2020 00:35:08

Episode 25: From Excessive Permissions To Least Privileges - Automating Your IAM Roles

Attendees Guest: Shira Shamban Guest title: CEO & Co-Founder Company: Solvo Abstract In modern cloud environments, Identity and Access Management controls are crucial controls. Many of the access decisions are now made not based on networking structure but rather on roles and permissions. In this episode we talk (again) with Shira Shamban, founder at Solvo about cloud IAM challenges - why is it so hard to get IAM right and how Solvo is planning to revolutionize the IAM management process.  Timing: 0:00 Introducing our guest 3:00 Introducing cloud identity challenges  6:20 Why role management is not enough 11:40 Why we fail to create least-privilege-roles   15:10 How to manage IAM securly - the people angle 18:13 How to manage IAM securly - the process angle 21:08 How to manage IAM securly - the technology angle 31:08 Summary and last words ...

Listen

Episode 5

July 25, 2019 00:53:07

Episode 5: Guard Rails And Not Gates – How R&D And Security Should Co-Exist Audio Player

Attendees Guest: Guy Flechter Guest title: CISO Company: AppFlayer Abstract One of the biggest challenges facing software companies is how to make sure security policies are enforced across the development cycle without holding R&D ability to innovate. In this episode, Guy Flechter, CISO for Appsflyer, will elaborate on the way he  is providing R&D guidelines and support while keeping them motivated and committed to security.   Timing 0:00 Intro and introducing Appsflyer and its digital business 10:29 Understanding Appsflyer underlying technology and security challenges 14:20  “We came in peace” Building security foundation at Appsflyer - understanding Guy’s methodology 19:55   the people angle: Building the right team and how to work efficiently with R&D team.  27.40 The technology angel:  How to make sure developers don’t need security in everyday life, but they are still on the right tracks 37.10 The process angel: building developers autonomy 40.25 Summary and conclusion ...

Listen

Episode 40

July 21, 2021 00:22:55

SilverLining Episode 40: Protecting SaaS services using automation & continuous monitoring

Guest: Adam Gavish Guest Title: Co-Founder and CEO, DoControl.io Topic: Protecting SaaS services using automation & continuous monitoring Abstract: SaaS services are blooming and organizations are adopting more and more of them. In this episode, we hosted Adam Gavish, co-founder, and CEO at DoControl - an innovative startup that is reshaping the way we govern and monitor SaaS applications -  about the business case of SaaS services, the market gaps, and how organizations should catalog, protect and monitor their SaaS portfolio. ...

Listen