Episode 23: Understanding Microsoft Cloud Security Pillars

Episode 23 August 04, 2020 00:47:42
Episode 23: Understanding Microsoft Cloud Security Pillars
SilverLining IL
Episode 23: Understanding Microsoft Cloud Security Pillars
/

Hosted By

Moshe Ferber Ariel Munafo

Show Notes

Attendees

Guest: Yoad Dvir

Guest title: Security Lead, Central and Eastern Europe

Company: Microsoft

Abstract

Microsoft security portfolio has been growing and diversifying in the last couple of years, adding more capabilities at various areas of information security. In order to better understand Microsoft strategy and offering, we talked with Yoad Dvir, Cyber Security Lead at Microsoft, about the Microsoft new security pillars:  Monitoring, Threat Protection and Information Protection.

Timing:

 0:00 - Introducing our guest

5:45  - Introducing Microsoft security strategy

12:50 - Security monitoring pillars - Azure monitor, Sentinel, Azure analytics and more

21:10 - Microsoft Threat Protection family - Cloudapp, O365 ATP, Defender ATP, Azure ATP

30:50 - diving deeper into Cloudapp

35:30 - Microsoft Information Protection 

44:00 - summary and last words

Other Episodes

Episode 7

September 02, 2019 00:36:26
Episode Cover

Episode 7: Creating Trust in Cloud

Attendees Guest: Damir Savanović Guest title: Senior researcher Company: Cloud Security Alliance Abstract Creating trust is one of the major challenges for cloud providers and consumers, without trust customers will not be able to move workloads into cloud environments, but trust is a very elusive term that is hard to achieve. In  this episode we talk with Damir Savanović from the Cloud Security Alliance on how cloud providers and consumers can use certifications for increasing trust and how is CSA preparing to the new requirements of continuous monitoring that are arriving with the new EU cyber laws. Timing 0:00 Intro and introducing our guest and overview of Damir activities in the area of cloud security 5:40 Introducing Cloud Security Alliance activities and major projects (STAR and CCSK) 9.17  The true meaning of trust in cloud computing. Using attestation and certification for establishing trust 14:50   The difference between certification and attestation and the effect of the new EU cybersecurity law on compliance 17.50 Understanding CSA STAR methodology from self assessment to certification or attestation and continuous monitoring 24.20 Behind the scenes of continuous monitoring - the CSA STAR methodology  32.00 Summary and conclusions ...

Listen

Episode 38

May 12, 2021 00:32:43
Episode Cover

SilverLining Episode 38: Cloud Native Security Foundations

Attendees Guest: Gadi Naor  Guest Title: VP Software Engineering, Cloud Security @ Rapid7 Topic: Cloud Native Security Foundations Abstract Lately, The CNCF (Cloud Native Computing Foundation) released the cloud native security whitepaper: the first release of security guidelines for organizations who adopt cloud native approaches. In order to better understand the guidelines, we hosted Gadi Naor, VP Software Engineering, Cloud Security @ Rapid7, and co-author of the guidelines, for a conversation about what is cloud native security and why & how organizations should adopt this approach. ...

Listen

Episode 41

August 25, 2021 00:40:02
Episode Cover

SilverLining Episode 41: Securing ci/cd pipeline using policy as code

Guest: Eran Leib (vp product), Maor Goldberg (CEO) Guest Title:  Founders at Apolicy (a sysdig company) Abstract: Infrastructure and policy as code is one of the hottest topics in security today. In this episode we spoke with Eran & Maor, founders at aPolicy (acquired by Sysdig shortly after the recording) ,  about cloud native security and how organizations should use automated policy templates for security CI/CD pipelines.   ...

Listen