Attendees
Guest: Damir Savanović
Guest title: Senior researcher
Company: Cloud Security Alliance
Abstract
Creating trust is one of the major challenges for cloud providers and consumers, without trust customers will not be able to move workloads into cloud environments, but trust is a very elusive term that is hard to achieve. In this episode we talk with Damir Savanović from the Cloud Security Alliance on how cloud providers and consumers can use certifications for increasing trust and how is CSA preparing to the new requirements of continuous monitoring that are arriving with the new EU cyber laws.
Timing
0:00 |
Intro and introducing our guest and overview of Damir activities in the area of cloud security |
5:40 |
Introducing Cloud Security Alliance activities and major projects (STAR and CCSK) |
9.17 |
The true meaning of trust in cloud computing. Using attestation and certification for establishing trust |
14:50 |
The difference between certification and attestation and the effect of the new EU cybersecurity law on compliance |
17.50 |
Understanding CSA STAR methodology from self assessment to certification or attestation and continuous monitoring |
24.20 |
Behind the scenes of continuous monitoring - the CSA STAR methodology |
32.00 |
Summary and conclusions |
Attendees Guest: Benjy Portnoy Guest Title: Sr. Director, Solution Architects Company: Aqua Security Abstract A cloud-native security strategy entails protecting the infrastructure, build, and running workloads. In this episode, we spoke with Benjy Portnoy, Sr Director of Solution Architects at Aqua Security regarding cloud-native security fundamentals. We also delve into various attacks identified in the recently published Cloud Native Threat Report by Aqua's security research team, Nautilus. Timing 0:00 introducing our guest 2:50 what is cloud native security 5:11 Sorting out between CWPP, CSPM & DevSecOps 8:01 Protecting the build, the platform and workload 10:30 Understanding what is CASB 12:45 diving into the kinsing attack 29.11 Summary and last words ...
Attendees Guest: Vladi Sandler Guest title: Cloud Security team leader Company: cymotive.com Abstract Gaining trust and developing awareness with customers is one of the hardest challenges for providers. It is almost an art. In this episode we talk with Vladi Sandler from Cymotive about creating healthy relationships with customers and how a mixture of personal awareness and technical proficiency are crucial in the customer-provider relationships. Timing: 0:25 introducing our guest 03:30 Introducing Cymotive 5:55 Cymotive challenges with their market targets 10:10 relevant Security teams for protecting automotive 11:50 The concepts of car security 13:55 Challenges when creating trust - The people angle 17:48 Challenges when creating trust - The process angle 22:00 Challenges when creating trust - The technology angle 27:50 Summary and final words ...
Guest: David W. Schropfer Guest Title: Host of DIY Cyber Guy Podcast Abstract: Many IT & security professionals are asking what Is the best way to enter the world of cloud computing. In this episode we had the privilege of cooperating with David W. Schropfer from the successful podcast DIY cyber guy to discuss the career paths that are relevant for beginners or experienced professionals who wish to explore how cloud computing can promote their career. ...