Guest: Ory Segal, Puresec
Guest title: CTO & Co-Founder at PureSec
Company: Puresec is the global leader in serverless architectures security.
Serverless functions are one the most interesting things that is happening in architecture of application development. With Serverless, application developers can stop worry about the underlying infrastructure and scalability of the application, but they must address other risks at application level. In this podcast we are interviewing Puresec CTO, Ory Segal , co-author of the top 12 risks to serverless applications
0:00 – 2:35 – intro
2:35 – 8:05 - what are Serverless functions
8:05- 12:20 - how Serverless is different (security wise)
12:20 - 19:40 - Serverless risks & threats
19:40 - 24:00 - common mistakes and misconfiguration with Serverless
24:00 – 29:30 - Serverless effect on people, process and technology
29:30 – 37:00 – Summary and conclusions
Attendees Guest: Eran Feigenbaum Guest title: CSO, Oracle Cloud Abstract The first generation of cloud services began about 15 years ago and stretched until now, but it came with many built-in challenges due to lack of maturity and the fact that security was added on top and not present from the start. In this episode we talk with Eran Feigenbaum, CISO of Oracle cloud about the next generation of cloud services - how can we build cloud that is more secure,, immuned to miss-configuration and other pitfalls that are relevant to today's cloud services. Timing: 0:00 introducing our guest 5:40 Generation one of cloud infrastructure 8:40 so what is second generation of cloud infrastructure 10:30 how Oracle is planning to change the cloud market 11:40 how second generation cloud services can help with common mistakes such as misconfiguration 13:35 what cloud provider should do in order to increase security 16:05 how cloud providers can be proactive with their customers 19:00 handling miss-configuration such as open buckets and lost API’s keys 23:40 summary and last words ...
Attendees Guest: Ofer Maor Guest title: Co-Founder & CTO Company: Mitiga Abstract The recent increase of cloud based attacks gives us an opportunity to examine new attack vectors and how attackers exploit new services. In this episode we talked with Ofer Maor, Co-Founder at Mitiga, about new attack vectors in cloud computing and how attackers exploit new services such as marketplaces, community repos and other examples. Timing: 0:00 Introducing our guest and Mitiga 3:32 Preparing for cloud incident response 7:15 Cloud attack vector - malicious AMI 11:00 More attack vectors on marketplaces 13:18 Github attack vectors 18:15 attack vector - Business email compromise on 365 25:44 how to mitigate cloud incidents 27:58 Summary and last words ...
Guest: Alex Peleg Guest title: Co-founder and CVO at Cynergy Language: English Abstract Small and medium businesses are currently the most vulnerable sector in the market. They don’t have the knowledge and awareness to secure their own operations, and security vendors and IT services companies often neglect this sector. In this episode we spoke with Alex Peleg, CVO at Cynergy, on the challenges of securing SMB and how regulators, Security vendors and the security community should bridge the gap of knowledge and awareness in the SMB market. ...