SilverLining Episode 38: Cloud Native Security Foundations

Episode 38 May 12, 2021 00:32:43
SilverLining Episode 38: Cloud Native Security Foundations
SilverLining IL
SilverLining Episode 38: Cloud Native Security Foundations
/

Hosted By

Moshe Ferber Ariel Munafo

Show Notes

Attendees

Guest: Gadi Naor 

Guest Title: VP Software Engineering, Cloud Security @ Rapid7

Topic: Cloud Native Security Foundations

Abstract

Lately, The CNCF (Cloud Native Computing Foundation) released the cloud native security whitepaper: the first release of security guidelines for organizations who adopt cloud native approaches. In order to better understand the guidelines, we hosted Gadi Naor, VP Software Engineering, Cloud Security @ Rapid7, and co-author of the guidelines, for a conversation about what is cloud native security and why & how organizations should adopt this approach.

Other Episodes

Episode 39

June 23, 2021 00:29:08
Episode Cover

SilverLining Episode 39: Securing API Services

Attendees Guest: Oz Avenstein Guest Title: Founder & CEO @ Avensec - Cloud & Application Security Topic: Securing API Services   Abstract The applicative infrastructure is becoming more and more complex due to different requirements, design patterns, and technologies. In many of these cases, one of those requirements is to connect other parties to systems, and in other cases, to connect systems to other parties. Nowadays, the most common connection method is to use Application Programming Interfaces (APIs). In this episode we spoke with Oz Avenstein, co-author of the CSA Security Guidelines for Providing and Consuming APIs about the guidelines creation process and how organizations should secure access to API resources. ...

Listen

Episode 50

May 11, 2022 00:24:30
Episode Cover

SilverLining Episode 50: Building security workflow at scale

Guest: Ravid Circus Guest title: Co-Founder, Seemplicity Language: English   Abstract As organizations develop more software, and in faster cycles, greater responsibility is laid on security teams who have a full-stack responsibility for infrastructure, applications, IT services and many other aspects in the business. In this episode we spoke with Ravid Circus co-founder and CPO at Seemplicity to understand how security teams can efficiently scale their risk reduction efforts and interact with their counterparts productively by using digital workflows  for security operations. ...

Listen

Episode 9

October 29, 2019 00:35:01
Episode Cover

Episode 9: Challenges With Cloud Management Logs

Attendees Guest: Shira Shamban Guest title:  Cloud Security Company:  Check Point (Dome9) Cloud providers has invested heavily in adding visibility, monitoring and logging capabilities of networking and administrative activities. In this session with talk with Shira Shamban, a cloud security expert from Check Point about the challenges of collecting the different logs exist in cloud platforms and the challenges of gaining insights from them. Abstract Cloud providers has invested heavily in adding visibility, monitoring and logging capabilities of networking  and administrative activities. In this session with talk with Shira Shamban, a cloud security expert from Check Point about the challenges of collecting the different logs exist in cloud platforms  and the challenges of gaining insights from them.  0:00 Introducing Shira and her activities in CheckPoint and community activities (Security-Diva, CSA Top Threat working group, OWASP-IL)  11:55 Introducing the challenges of cloud log management: enabling correctly,  long term storage, analysis challenges, lack of info  19.45  The challenges of monitoring cloud assets using IP addresses  21:25   How to properly do cloud based log collection: Enrichment, external threat service 24.20 Values of log visualization  28.05 Log storage management 31:21 Summary and last words ...

Listen