Episode 25: From Excessive Permissions To Least Privileges - Automating Your IAM Roles

Episode 25 September 01, 2020 00:35:08
Episode 25: From Excessive Permissions To Least Privileges - Automating Your IAM Roles
SilverLining IL
Episode 25: From Excessive Permissions To Least Privileges - Automating Your IAM Roles
/

Hosted By

Moshe Ferber Ariel Munafo

Show Notes

Attendees

Guest: Shira Shamban

Guest title: CEO & Co-Founder

Company: Solvo

Abstract

In modern cloud environments, Identity and Access Management controls are crucial controls. Many of the access decisions are now made not based on networking structure but rather on roles and permissions. In this episode we talk (again) with Shira Shamban, founder at Solvo about cloud IAM challenges - why is it so hard to get IAM right and how Solvo is planning to revolutionize the IAM management process. 

Timing:

0:00 Introducing our guest

3:00 Introducing cloud identity challenges 

6:20 Why role management is not enough

11:40 Why we fail to create least-privilege-roles  

15:10 How to manage IAM securly - the people angle

18:13 How to manage IAM securly - the process angle

21:08 How to manage IAM securly - the technology angle

31:08 Summary and last words

Other Episodes

Episode 33

January 18, 2021 00:31:24
Episode Cover

Episode 33: Researching Cloud Vulnerabilities

Attendees Guest: Asaf Hecht  Guest Title: Security research team leader Company: CyberArk  Abstract With the growth of cloud services, more knowledge is gathered on vulnerabilities and misconfigurations in cloud infrastructure. A great deal of this knowledge is coming from cloud security researchers. In this episode, we host Asaf Hecht, Security research team leader At Cyberark, for a conversation about cloud security research and the vulnerabilities they disclose are various cloud vendors.  ...

Listen

Episode 22

August 03, 2020 00:32:39
Episode Cover

Episode 22: How To Do Add Open Source Code To Your Applications, Securely

Attendees Guest: Liran Tal Guest title: Developer Advocate Company:  Synk Abstract Open source software takes a big part in our daily lives, and also in our development environments. Many applications developers rely on open source libraries &  tools and integrating it into their code. This is a great improvement for developers allowing them to innovate quickly and efficiently. But all this good comes with a big responsibility - open source software should be carefully examined in order to make sure its reliability. In this episode we talk with Liran Tal from Synk about the growing importance of adding security evaluation of open source software in the development cycle. Timing:  0:00 introducing our guest 5:50 what is the challenge of open-source security 10:05 - open source security - the people angel 16:00 - open source security - the process angel 24:55 - open source security - the technology angel 29:42 summary and last words ...

Listen

Episode 8

September 24, 2019 00:27:26
Episode Cover

Episode 8: Securing The World of IoT

Attendees Guest: Beau Woods Guest title:  Member Company:  We-Are-The-Cavalry, Atlantic Council Abstract IOT devices such as Medical embedded devices, autonomous vehicle and smart homes are currently the Achilles heel of information security. The technology is advancing fast, but the security frameworks are not advancing at the same pace. In this episode we talk with Beau woods, founder for I-am-the-cavalry, about the steps governments, regulators and vendors should take in order to produce safer IOT devices. Timing   0:00 Intro and introducing our Beau activities and I-AM-The-Cavalry community   5:20 What are the unique challenges of IOT security?  9.05  It is not a question of connectivity 11:35   How do better engineer IOT devices - fail fast, detect failure and maintain an ability to fix failures 17.15 Engineering is not enough - how the IOT consumers should be trained for and aware of 22.20 Summary and conclusions   ...

Listen