Episode 26: Current Challenges With Cloud

Episode 26 September 16, 2020 00:49:26
Episode 26: Current Challenges With Cloud
SilverLining IL
Episode 26: Current Challenges With Cloud
/

Hosted By

Moshe Ferber Ariel Munafo

Show Notes

This is a special episode where both of us (Moshe & Ariel – no guests this time) discuss the future of cloud computing and challenges that should be solved. We take a detailed look at shortage in manpower and knowledge, privacy laws and their influence on innovation and technology challenges such as multi tenancy, APi’s, encryption, continuous monitoring and more.

Agenda

Opening words  - 5 min 

  1. introducing the podcast  - Moshe / Ariel 
  2. Introducing our guest - Ariel
  3. Introducing myself - Moshe
  4. Introducing the topic and context of the podcast - Moshe 

Security challenges  

People

Process

Technology

Closure (5 min)

  1. Moshe - Summersing 
  2. Ariel - closing 

Other Episodes

Episode 38

May 12, 2021 00:32:43
Episode Cover

SilverLining Episode 38: Cloud Native Security Foundations

Attendees Guest: Gadi Naor  Guest Title: VP Software Engineering, Cloud Security @ Rapid7 Topic: Cloud Native Security Foundations Abstract Lately, The CNCF (Cloud Native Computing Foundation) released the cloud native security whitepaper: the first release of security guidelines for organizations who adopt cloud native approaches. In order to better understand the guidelines, we hosted Gadi Naor, VP Software Engineering, Cloud Security @ Rapid7, and co-author of the guidelines, for a conversation about what is cloud native security and why & how organizations should adopt this approach. ...

Listen

Episode 21

August 03, 2020 00:26:59
Episode Cover

Episode 21: Building The Next Generation Of Cloud Services

Attendees Guest: Eran Feigenbaum Guest title:  CSO, Oracle Cloud Abstract The first generation of cloud services began about 15 years ago and stretched until now, but it came with many built-in challenges due to lack of maturity and the fact that security was added on top and not present from the start. In this episode we talk with Eran Feigenbaum, CISO of Oracle cloud about the next generation of cloud services - how can we build cloud that is more secure,, immuned to miss-configuration and other pitfalls that are relevant to today's cloud services. Timing: 0:00 introducing our guest 5:40 Generation one of cloud infrastructure 8:40 so what is second generation of cloud infrastructure 10:30 how Oracle is planning to change the cloud market 11:40 how second generation cloud services can help with common mistakes such as misconfiguration 13:35 what cloud provider should do in order to increase security 16:05 how cloud providers can  be proactive with their customers 19:00 handling miss-configuration such as open buckets and lost API’s keys 23:40 summary and last words ...

Listen

Episode 17

August 02, 2020 00:37:03
Episode Cover

Episode 17: How to do penetration testing in cloud application

Attendees Guest: Oz Avenstein Guest Title:  Founder Company:  Avensec Abstract Penetration tests are one of the strongest controls that we use. It is testing the overall resilience of our application and allows us to be more confident in our workloads. But in the cloud era, cloud applications pen testing needs to be coordinated with the providers. In this episode we talk with Oz Avenstein, an application security expert, about the challenges of cloud penetration testing and how to do it correctly. Timing: 0.50 introducing our guest 3.40 How is cloud penetration tests different from regular pen tests? 5.01 elaborating about IaaS/PaaS particular pen test policies  8.45 pen testing SaaS applications  11.05 relaying on 3rd party pen testing 12.02 cloud pen test considerations and phases 17.35 the actual pen testing  21.20 the reporting phase 23.40 incorporating pen test into applications development cycle  34:00 Summary and last words   ...

Listen