Episode 26: Current Challenges With Cloud

Episode 26 September 16, 2020 00:49:26
Episode 26: Current Challenges With Cloud
SilverLining IL
Episode 26: Current Challenges With Cloud
/

Hosted By

Moshe Ferber Ariel Munafo

Show Notes

This is a special episode where both of us (Moshe & Ariel – no guests this time) discuss the future of cloud computing and challenges that should be solved. We take a detailed look at shortage in manpower and knowledge, privacy laws and their influence on innovation and technology challenges such as multi tenancy, APi’s, encryption, continuous monitoring and more.

Agenda

Opening words  - 5 min 

  1. introducing the podcast  - Moshe / Ariel 
  2. Introducing our guest - Ariel
  3. Introducing myself - Moshe
  4. Introducing the topic and context of the podcast - Moshe 

Security challenges  

People

Process

Technology

Closure (5 min)

  1. Moshe - Summersing 
  2. Ariel - closing 

Other Episodes

Episode 29

November 25, 2020 00:36:09
Episode Cover

Episode 29: Cloud Identity Governance - understanding challenges

Sponsored By: Attendees Guest: Arick Goomanovsky Guest title: Co-Founder & Chief Business Officer Company: Ermetic Abstract In cloud platforms, identity and permissions are the most important control that customers get to implement. Network segmentation and other traditional controls are often ineffective and access to resources is determined by a mixture of roles & policies. This mixture can become very complex and difficult to lock down. In this episode, we are hosting Arick Goomanovsky, Chief Business Officer at Ermetic, to discuss Cloud identity and access challenges, and to review real life examples of what can happen when neglecting identity and access entitlements in cloud infrastructure. Mail to: [email protected] Timing: 0:00  Introducing our guest and Ermetic 2:21  Understanding Identity Governance 4:40  Cloud identity challenges 10:55 Dealing with identity challenges by adding visualization and analysis of permissions 16:30 Who are the organizational stakeholders relevant? 22:01 Examples for IAM challenges and outbreaks 22:25 Example 1: Protecting sensitive resources 26:25 Example 2: Third party access 29:49 Example 3: The visibility challenge when using SSO 31:30 Summary and final words ...

Listen

Episode 38

May 12, 2021 00:32:43
Episode Cover

SilverLining Episode 38: Cloud Native Security Foundations

Attendees Guest: Gadi Naor  Guest Title: VP Software Engineering, Cloud Security @ Rapid7 Topic: Cloud Native Security Foundations Abstract Lately, The CNCF (Cloud Native Computing Foundation) released the cloud native security whitepaper: the first release of security guidelines for organizations who adopt cloud native approaches. In order to better understand the guidelines, we hosted Gadi Naor, VP Software Engineering, Cloud Security @ Rapid7, and co-author of the guidelines, for a conversation about what is cloud native security and why & how organizations should adopt this approach. ...

Listen

Episode 14

January 14, 2020 00:30:45
Episode Cover

Episode 14: DevOps Secret Management

Attendees Guest: Oded Hareven Guest title:  Founder & CEO Company:  A-Key-Less Abstract Application Secret management is becoming one of the biggest challenges for application security. With cloud, CI/CD and micro services architecture we discover that we are using a growing number of encryption keys, API keys, SSH keys tokens and connection strings. In this episode we talk with Oded HarEven, Founder at A-Key-Less about the challenges of secret management and the way to build secure secret management solution. Timing 0:00 Intro and introducing our guest 1:40 Application secret management  - defining what secret is, and what is secret management 6.00  Challenges with encryption keys  9:47   How to handle application secret management and encryption keys - requirements and best practices 12.25 Zero trust in key management - what does it mean and how to implement it 20:10 The process of integrating keys with cloud platform 25:35 A-Key-Less state of the market approach 27.35 Summary and conclusions ...

Listen