Episode 7: Creating Trust in Cloud

Episode 7 September 02, 2019 00:36:26
Episode 7: Creating Trust in Cloud
SilverLining IL
Episode 7: Creating Trust in Cloud
/

Hosted By

Moshe Ferber Ariel Munafo

Show Notes

Attendees

Guest: Damir Savanović

Guest title: Senior researcher

Company: Cloud Security Alliance

Abstract

Creating trust is one of the major challenges for cloud providers and consumers, without trust customers will not be able to move workloads into cloud environments, but trust is a very elusive term that is hard to achieve. In  this episode we talk with Damir Savanović from the Cloud Security Alliance on how cloud providers and consumers can use certifications for increasing trust and how is CSA preparing to the new requirements of continuous monitoring that are arriving with the new EU cyber laws.

Timing

0:00

Intro and introducing our guest and overview of Damir activities in the area of cloud security

5:40

Introducing Cloud Security Alliance activities and major projects (STAR and CCSK)

9.17 

The true meaning of trust in cloud computing. Using attestation and certification for establishing trust

14:50  

The difference between certification and attestation and the effect of the new EU cybersecurity law on compliance

17.50

Understanding CSA STAR methodology from self assessment to certification or attestation and continuous monitoring

24.20

Behind the scenes of continuous monitoring - the CSA STAR methodology 

32.00

Summary and conclusions

Episode Transcript

No transcript available...

Other Episodes

Episode 31

December 23, 2020 00:32:14

Episode 31: Understanding Cloud Native Security Basics

Attendees Guest: Benjy Portnoy Guest Title: Sr. Director, Solution Architects Company: Aqua Security Abstract A cloud-native security strategy entails protecting the infrastructure, build, and running workloads. In this episode, we spoke with Benjy Portnoy, Sr Director of Solution Architects at Aqua Security regarding cloud-native security fundamentals. We also delve into various attacks identified in the recently published Cloud Native Threat Report by Aqua's security research team, Nautilus. Timing 0:00 introducing our guest 2:50 what is cloud native security 5:11 Sorting out between CWPP, CSPM & DevSecOps 8:01 Protecting the build, the platform and workload 10:30 Understanding what is CASB  12:45 diving into the kinsing attack 29.11 Summary and last words ...

Listen

Episode 13

December 31, 2019 00:31:56

Episode 13: Creating Trust & Awareness

Attendees Guest: Vladi Sandler Guest title: Cloud Security team leader Company: cymotive.com Abstract Gaining trust and developing awareness with customers is one of the hardest challenges for providers. It is almost an art. In this episode we talk with Vladi Sandler from Cymotive about creating healthy relationships with customers and how a mixture of personal awareness and technical proficiency are crucial in the customer-provider relationships. Timing: 0:25 introducing our guest 03:30 Introducing Cymotive   5:55 Cymotive challenges with their market targets 10:10 relevant Security teams for protecting automotive  11:50 The concepts of car security 13:55 Challenges when creating trust - The people angle 17:48 Challenges when creating trust - The process angle 22:00 Challenges when creating trust - The technology angle 27:50 Summary and final words ...

Listen

Episode 43

December 08, 2021 00:25:04

SilverLining Episode 43: Gaining cloud security knowledge & certification

Guest: David W. Schropfer Guest Title: Host of DIY Cyber Guy Podcast Abstract:  Many IT & security professionals are asking what Is the best way to enter the world of cloud computing. In this episode we had the privilege of cooperating with David W. Schropfer from the successful podcast DIY cyber guy to discuss the career paths that are relevant for beginners or experienced professionals who wish to explore how cloud computing can promote their career. ...

Listen