Episode 7: Creating Trust in Cloud

Episode 7 September 02, 2019 00:36:26
Episode 7: Creating Trust in Cloud
SilverLining IL
Episode 7: Creating Trust in Cloud
/

Hosted By

Moshe Ferber Ariel Munafo

Show Notes

Attendees

Guest: Damir Savanović

Guest title: Senior researcher

Company: Cloud Security Alliance

Abstract

Creating trust is one of the major challenges for cloud providers and consumers, without trust customers will not be able to move workloads into cloud environments, but trust is a very elusive term that is hard to achieve. In  this episode we talk with Damir Savanović from the Cloud Security Alliance on how cloud providers and consumers can use certifications for increasing trust and how is CSA preparing to the new requirements of continuous monitoring that are arriving with the new EU cyber laws.

Timing

0:00

Intro and introducing our guest and overview of Damir activities in the area of cloud security

5:40

Introducing Cloud Security Alliance activities and major projects (STAR and CCSK)

9.17 

The true meaning of trust in cloud computing. Using attestation and certification for establishing trust

14:50  

The difference between certification and attestation and the effect of the new EU cybersecurity law on compliance

17.50

Understanding CSA STAR methodology from self assessment to certification or attestation and continuous monitoring

24.20

Behind the scenes of continuous monitoring - the CSA STAR methodology 

32.00

Summary and conclusions

Other Episodes

Episode 34

February 08, 2021 00:49:02
Episode Cover

Episode 34: PayPal cloud journey

Attendees Guest: Assaf Keren Guest Title: VP, Enterprise Cyber Security Company: PayPal Abstract PayPal is one of the most interesting organizations in the world in terms of security. The combination of online presence with the unique line of business is making PayPal one of the most secure hi-tech companies and one of the most innovative financial institutions.  In this episode, we hosted Assaf Keren, VP of enterprise cyber security, for a discussion about PayPal’s cloud journey from traditional on-premise to the multi-cloud / multi-locations giant they are now, and how COVID-19 is changing Paypal’s digital journey with their customers & employees.     ...

Listen

Episode 8

September 24, 2019 00:27:26
Episode Cover

Episode 8: Securing The World of IoT

Attendees Guest: Beau Woods Guest title:  Member Company:  We-Are-The-Cavalry, Atlantic Council Abstract IOT devices such as Medical embedded devices, autonomous vehicle and smart homes are currently the Achilles heel of information security. The technology is advancing fast, but the security frameworks are not advancing at the same pace. In this episode we talk with Beau woods, founder for I-am-the-cavalry, about the steps governments, regulators and vendors should take in order to produce safer IOT devices. Timing   0:00 Intro and introducing our Beau activities and I-AM-The-Cavalry community   5:20 What are the unique challenges of IOT security?  9.05  It is not a question of connectivity 11:35   How do better engineer IOT devices - fail fast, detect failure and maintain an ability to fix failures 17.15 Engineering is not enough - how the IOT consumers should be trained for and aware of 22.20 Summary and conclusions   ...

Listen

Episode 31

December 23, 2020 00:32:14
Episode Cover

Episode 31: Understanding Cloud Native Security Basics

Attendees Guest: Benjy Portnoy Guest Title: Sr. Director, Solution Architects Company: Aqua Security Abstract A cloud-native security strategy entails protecting the infrastructure, build, and running workloads. In this episode, we spoke with Benjy Portnoy, Sr Director of Solution Architects at Aqua Security regarding cloud-native security fundamentals. We also delve into various attacks identified in the recently published Cloud Native Threat Report by Aqua's security research team, Nautilus. Timing 0:00 introducing our guest 2:50 what is cloud native security 5:11 Sorting out between CWPP, CSPM & DevSecOps 8:01 Protecting the build, the platform and workload 10:30 Understanding what is CASB  12:45 diving into the kinsing attack 29.11 Summary and last words ...

Listen