Best Kaizenteq Team Podcasts (2024)

1
Cloud Native Strategies from a FinTech CISO 21:56

2h ago21:56

21:56

What are you doing differently today that you're stopping tomorrow's legacy? In this episode Ashish spoke to Adrian Asher, CISO and Cloud Architect at Checkout.com, to explore the journey from monolithic architecture to cloud-native solutions in a regulated fintech environment. Adrian shared his perspective on why there "aren't enough lambdas" and …

1
Fixing Cloud Security with AWS Lambda 21:25

17m ago21:25

21:25

How to secure AWS cloud using AWS Lambda? We spoke to Lily Chau from Roku at BSidesSF about her experience and innovative approach to tackling security issues in AWS environments. From deploying IAM roles to creating impactful playbooks with AWS Lambda, Lily shared her take on automating remediation processes. We spoke about the challenges of manag…

1
What is confidential computing? Explained for 2024 22:10

1h ago22:10

22:10

How can you protect your data with Confidential Compute and Containers? Ashish spoke to Zvonko Kaiser, Principal Systems Software Engineer, Confidential Containers and Kubernetes at Nvidia about confidential containers, confidential computing, and their importance in protecting sensitive data. They speak about the various threat models, use cases, …

1
The Evolution of Infrastructure as Code so far - 2024 Edition 27:46

4d ago27:46

27:46

How to implement infrastructure as code? Ashish spoke to Armon Dadgar. Co-Founder and CTO at HashiCorp at Hashidays London. Armon speaks about his journey from co-creating Terraform, the first open-source language in the IaC space, to addressing the complex challenges enterprises face in cloud environments today. They speak about why having a platf…

1
What is AI-SPM? 23:28

1M ago23:28

23:28

What is the future of AI Security and Data Protection? At AWS re:Inforce in Philadelphia this year, Ashish spoke to Dan Benjamin, Head of Data, Identity and AI Security at Prisma Cloud about the new category of AI-SPM (Artificial Intelligence Security Posture Management) and why does it fit within all the other toolings organisations have. They spo…

1
Creating Effective Sigma Rules with AI 22:21

1M ago22:21

22:21

Can Threat Detection be enhanced with AI? Ashish sat down with Dave Johnson, Senior Threat Intelligence Advisor at Feedly, at BSides SF 2024, where Dave also presented a talk. Dave shares his journey in cyber threat intelligence, including his 15-year career with the FBI and his transition to the private sector. The conversation focuses on the inno…

1
What is the future of security operations with AI in 2024? 23:09

2M ago23:09

23:09

How can AI impact Cloud Security Operations? Ashish sat down with Ely Kahn, VP of Cloud Security and AI at SentinelOne to talk about the evolving landscape of cloud security and the future of Security Operations Centers (SOC). Ely spoke about the shift from centralized to decentralized SOC operations, the increasing complexity in cloud security and…

1
Cloud Native Security Strategies for 2024 31:00

2M ago31:00

31:00

Is having a CSPM enough for Cloud Security? At RSA Conference 2024, Ashish sat down with returning guest Jimmy Mesta, Co-Founder and CTO of RAD Security, to talk about the complexities of Kubernetes security and why sometimes traditional Cloud Security Posture Management (CSPM) falls short in a Kubernetes-centric world. We speak about the significa…

1
Real-World Cloud Security Challenges and Solutions Explained for 2024 59:23

3M ago59:23

59:23

What are the practical steps for orienting yourself in a new cloud environment? Ashish sat down with Rich Mogull and Chris Farris to explore the intricacies of effective cloud security strategies. Drawing on their extensive experience, Rich and Chris speak about critical importance of moving beyond just addressing vulnerabilities and embracing a mo…

1
Why Least Privilege Matters in Cloud Security? 26:45

3M ago26:45

26:45

What's the best way to navigate least privilege complexities in a multi cloud environment? And how is the role of identity management evolving? We spoke to Jeff Moncrief from Sonrai Security on why identity is the new network in the cloud-driven world. We speak about the challenges of implementing least privilege in cloud environments, the misconce…

1
How is Kubernetes Network Security Evolving? 20:19

3M ago20:19

20:19

How is eBPF impacting Kubernetes Network Security? In this episode, recorded LIVE at Kubecon EU Paris 2024, Liz Rice, Chief Open Source Officer at Isovalent took us through the technical nuances of eBPF and its role in enabling dynamic, efficient network policies that go beyond traditional security measures. She also discusses Tetragon, the new sub…

1
The Future of Software Development with AI 38:16

3M ago38:16

38:16

How can we leverage AI for more secure and efficient code and how will it impact devsecops? Ashish spoke to Michael Hanley, CSO and SVP of Engineering at GitHub, about the transformative impact of GitHub Copilot and AI on software development and security. Michael speaks about GitHub's internal use of Copilot for over three years and its role in en…

1
The role of Real Time Defense in Cloud Security 21:35

4M ago21:35

21:35

In this episode from KubeCon Paris 2024, we spoke to Loris Degioanni, Co-Founder and CTO of Sysdig about Open Source Project, Falco that celebrated its graduation this year at KubeconEU, Loris shared with us this proud moment and journey from writing the 1st lines of code to its critical role in protecting Kubernetes environments, and the future ro…

1
CISO's guide to embracing risk in business 48:59

4M ago48:59

48:59

What is it like to build a successful business based on risk? In this episode Ashish spoke to Fredrick Lee, CISO at Reddit. FLee shared his deep insights into the essential role of risk in driving business success and innovation. With a career that spans across notable tech giants like Square (now Block), Twilio, and Gusto, Lee brings a wealth of e…

1
Why Email Breaches Still Happen? 30:02

4M ago30:02

30:02

Lets talk about the Evolution of Email Security. We have been speaking about Email Security for years but why has it not been solved? We spoke to Abhishek Agrawal, Co-founder of Material Security about the fact that despite of decades of advancements, email security remains a critical concern, with sophisticated attacks continually bypassing tradit…

1
Essential Strategies to master Incident Response in Cloud 45:49

4M ago45:49

45:49

How do you build a Robust Detection Framework? Ashish spoke to Andrew Tabona, SVP of Cyber Threat Management and Incident Response at a Fortune 500 company about challenging the conventional wisdom of applying on-premise incident response plans to cloud environments. They speak about the critical metrics of mean time to detect, respond, and recover…

1
From Code Suggestions to Security 21:23

5M ago21:23

21:23

What is GitHub Copilot? Its a AI-powered coding assistant that's redefining how developers write code. We spoke to Joseph Katsioloudes, a security specialist from the GitHub Security Lab. We spoke about how GitHub Copilot has been designed to serve not just developers but security professionals and others involved with code, enhancing productivity,…

1
Cloud Security Operations for Modern Threats 35:49

5M ago35:49

35:49

How is your Cloud Incident Preparedness? Is your CSPM enough? Ashish spoke to Ariel Parnes, Co-Founder and COO at Mitiga about the concept of "Assume Breach" and its importance in developing a proactive cloud security framework. If you are looking to understand the nuances of of cloud incident response and being prepared for them, the effectiveness…

1
Understanding Threat Modeling in Cloud 50:06

5M ago50:06

50:06

Do you need an essential guide for Threat Modeling your Cloud Environment, then this episode is definitely for you. Ashish sat down with Tyson Garrett from TrustOnCloud. We explore why and how organizations should approach threat modeling in cloud to enhance their security posture. Tyson and Ashish go through the practical steps required for effect…

1
Balancing Efficiency & Security: AI’s Transformation of Legal Data Analysis 17:56

5M ago17:56

17:56

What is the role of AI in Legal Research and Data Security? We spoke to Matt McKeever, CISO and Head of Cloud Engineering at LexisNexis, a company that uses GenAI and Custom LLM models to help its customers with legal research, guidance and drafting. Matt spoke to us about intersection of cloud engineering, cybersecurity and the revolutionary impac…

1
Sidecar Container Vulnerability in Kubernetes explained 15:32

6M ago15:32

15:32

Are you familiar with Sidecars in Kubernetes? We spoke to Magno Logan about the complex world of Kubernetes security and the silent but deadly vulnerabilities associated with sidecar containers. Magno shares his extensive research and insights on how attackers can exploit these vulnerabilities to stay hidden within a Kubernetes environment, posing …

1
Role of application security posture management in cybersecurity 40:09

6M ago40:09

40:09

Navigating modern application security in a world of Cloud, DevSecOps and now AI is getting rather complex. We spoke to Idan Plotnik, who has 24 years of cybersecurity experience under his belt and is the Co-Founder of Apiiro about world of Application Security Posture Management (ASPM) and their relevance in both large and small organizations. Ida…

1
Cybersecurity Best Practices and Password Security in Cloud and AI 29:59

6M ago29:59

29:59

We caught up with Troy Hunt and Scott Helme at NDC Security Oslo 2024 to talk about best practices when it come to decoding TLS, password security and data breaches in cloud and AI. Troy Hunt, known for his work with haveibeenpwned.com, spoke to us about the complexities of cloud deployment and paradox of data input versus privacy risk in Large Lan…

1
Multicloud strategy for AWS and GCP 27:29

7M ago27:29

27:29

What is a good multicloud strategy in 2024? We spoke to Vivek Menon, CISO for Digital Turbine about the maturity and security capabilities of major cloud service providers, AWS and GCP. Vivek spoke about the journey from on-premise to multi-cloud landscapes, the strategic approaches to cloud security in 2024, and the unique challenges that teams fa…

1
AI's Role in Security Efficiency - Kubernetes Edition 20:07

7M ago20:07

20:07

Dive into the world of AI and Kubernetes with Shopify's Shane Lawrence in this episode of the Cloud Security Podcast. Shane, shares his experience in the security team at Shopify and working on the intersection of AI, Large Language Models (LLMs), and Kubernetes security. Shopify is looking to pioneer the use of AI to streamline developer operation…

1
Build an Effective AWS Cloud Security Program in 2024 48:55

7M ago48:55

48:55

How can you build a robust cloud security program in AWS, particularly as a startup and small to medium-sized businesses navigating AWS in 2024? We spoke to Chris Farris, who is the event chair for fwd:cloudsec, a known cloud security expert and one of the first AWS Heroes for security. Chris shared his insights on how to build a security strategy …

1
Offensive Cloud Security Program for 2024 22:32

8M ago22:32

22:32

Is Offensive Security part of your 2024 Security Roadmap? We caught up with Sam Kirkman, Director at NetSPI EMEA at BlackHat Europe 2023 about what an Offensive Security Roadmap going into 2024 should look like. Offensive security is much more than pentesting. We spoke about how to build a capable team, different maturity stages of building such a …

1
Understand Your Cloud Security Landscape to cut through the noise! 27:16

8M ago27:16

27:16

Cloud Security environments looks very complex in 2023, and it will continue to evolve in 2024 now with AI. At AWS re:Invent 2023 this year, we sat down with Alex Jauch, Senior Director of Product Management at Outshift to talk about the complexities in Cloud Security, the role of GenAI and what can be items to consider for your 2024 Cloud Security…

1
Kubernetes Security Trends 2024 | Software Supply Chain Security, Zero Trust and AI 33:11

8M ago33:11

33:11

Kubernetes is shaping the future of cloud native technology with interest from security folks, businesses and developers - what does the future of Kubernetes Security look like? At Kubecon NA 2023, we spoke to Emily Fox who is the chair of CNCF's Technical Oversight Committee and Software Engineering Lead at RedHat about how Zero Trust plays out in…

1
Kubernetes Network Security for Multi Tenancy 26:22

8M ago26:22

26:22

Kubernetes security explained : We spoke to Cailyn Edwards, CNCF Ambassador and Senior Security Engineer at Shopify. Interview was recorded at Kubecon NA 2023. We asked her about the complexities of Kubernetes Network Security in a multi-tenant environment. During the interview, she shared the nuances of Kubernetes network security in multi-tenant …

1
AWS reInvent 2023 - Security highlights and announcements 56:00

8M ago56:00

56:00

Cloud Security Podcast just got back from AWS re:invent 2023, there was a lot of chat around, you guessed it - GenAI but along with that there were plenty of security updates and announcement. Shilpi and Ashish broke them all down for you and what it all actually means for all security practitioners. Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSe…

1
eBPF - Kubernetes Network Security without the Blind Sides! 23:23

8M ago23:23

23:23

eBPF is recent graduate in the CNCF family and this means that the world of Cloud and Kubernetes, networking looks very different with more security capabilities. Cilium the project from Isovalent has been gaining traction for network security for kubernetes as blindsides have been called out in the managed kubernetes deployments. This episode was …

1
Attack Path Analysis for Better Kubernetes Security 21:13

9M ago21:13

21:13

Kubernetes security cannot just be Kubernetes but it is like security of a datacenter within another datacenter. In this episode with Tim Miller we spoke about CNAPP, how to approach kubernetes security. Thank you to our episode sponsor ⁠Outshift by Cisco Guest Socials: Tim's Linkedin ⁠(⁠@timothyemiller⁠)⁠ Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@Clo…

1
Secure your SaaS applications like this! 42:43

9M ago42:43

42:43

SaaS Applications support large companies, small startups. We inevitably accumulate SAAS applications to manage our employees, payroll, communication with things like Workday, Slack, Salesforce and now even things like ChatGPT. But how do you find out what you have and if they are secure. We spoke about all things SSPM with Max Feldman who has done…

1
Threat Detection for not so Common Cloud Services 34:44

9M ago34:44

34:44

Threat detection is often limited to popular cloud services, so whats happening to all the "not so popular or commonly known" cloud services in your environment? We are speaking to Suresh Vasudevan, CEO of Sysdig about challenges typically companies find with this space and what should be the approach for threat detection. If you feel you are looki…

1
How to Escape Clusters in a Managed Kubernetes Cluster? 59:01

9M ago59:01

59:01

Not Escaping Containers but escaping Clusters - Managed Kubernetes distributions such as Amazon EKS, Google Kubernetes Engine (GKE) and Azure Kubernetes Service (AKS) attack vectors can allow you to reach the underlying AWS Account etc. In conversation with Christophe Tafani-Dereeper & Nick Frichette, from Datadog on how this is possible in Amazon …

1
Have I lost my Secrets? 29:00

9M ago29:00

29:00

You know that feeling when you are unsure if you AWS secret that leaked is still available for use. There is no easy way to check this apart from looking in AWS to see if anyone used it. Turns out there could be another way.We have Ziad Ghalleb from GitGuardian to share free tool they released to help people look up if their secret was exposed on G…

1
How to become a Senior Cloud Security Engineer? 33:11

9M ago33:11

33:11

Nick McLaren is a Senior Cloud Security Engineer at an Enterprise and he transitioned to this role from a Cloud Security Engineer at a Startup. On this episode he shared with us, how the roles differ between an enterprise and startup, what skills you require to become a senior cloud security engineer and what a day look like in a life of cloud secu…

1
5 Skills to Level Up Your Cloud Hacking 15:45

10M ago15:45

15:45

BlackHat 2023 and Defcon 31 Roundup were the breeding ground for new and existing hackers to come together and share what to look out for in 2023 and 2024. The skills that stood out were- Identity- Cloud Infrastructure Security- CI/CD Security- Preventative Security- Data Security Do you agree? Episode YouTube: ⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠Video Link⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Hos…

1
Become a Cloud Native CISO in 2023 37:16

10M ago37:16

37:16

Michael Piacente has been helping companies find Security Executives (CISO) for a long time for some household name companies like Lyft, Instacart, Airbnb and more . In episode we speak about his current passion for Cloud Native CISOs what they are and what kind of skills should they work on to become CISO in the Cloud native world most organizatio…

1
Software Supply Chain Controls for Terraform 40:12

11M ago40:12

40:12

Understanding Software Supply Chain security threats for Terraform which has been the default for Infrastructure as Code is important. in this episode Mike Ruth is sharing his experience of working on securing Terraform Cloud/Terraform Enterprise - no open source was harmed in the making of this episode. Episode YouTube: ⁠⁠⁠ ⁠⁠⁠⁠⁠Video Link⁠⁠⁠⁠⁠⁠⁠⁠…

1
Data Security RoadMap in 2023 17:21

11M ago17:21

17:21

DSPM or Data Security Posture Management with Yotam Segev from Cyera: Most security teams have known about data challenges in their organization and some of them are put in the too hard to solve right now bucket. Yotam came on the show to talk about who should own and manage data security programs and what can a data security roadmap look like for …

1
The Cloud to Code Dilemma - Let's Talk 24:56

11M ago24:56

24:56

Is it code to cloud or cloud to code with Harshil Parikh from Tromzo: A lot of leaders today face the inevitable question of should i start with the code or the cloud first. Harshil Parikh from Tromzo was kind enough to share his CISO experience on the topic on what each of these are and what can CISOs priortise in their programs. Episode YouTube: …

1
CISO Perspective: Josh Lemos, CISO of Gitlab 20:01

11M ago20:01

20:01

Josh Lemos former CISO of Block and the current CISO of GitLab comes from a pentester background and made his way to become a CISO. We were lucky enough to interview him during the hacker summer camp on his journey, his experience in AI, takeaway from BH CISO summit and types of CISOs & more.Episode YouTube: ⁠⁠ ⁠⁠⁠Video Link⁠⁠⁠⁠⁠⁠⁠ Host Twitter: As…

1
The Azure Cloud Security Pentesting Skills You NEED! 29:14

11M ago29:14

29:14

Karl Fosaaen, the author of Penetration Testing "Azure for Ethical Hacker" and the VP of Research at NetSPI, came as a guest to share why the penetration Test of a Web Application hosted on Azure Cloud in 2023 is quite different to just a simple/traditional web app pentesting and the skills you need to pentest Azure environments.Cloud Penetration t…

1
How to detect software supply chain attacks with Honeytokens? 19:09

12M ago19:09

19:09

Can Honeytokens be used in your supply chain security? Turns out we can! We spoke to Mackenzie Jackson ( @advocatemack ) from @GitGuardian about the benefits of using Honeytokens, which organisations can benefit from them and whats involved in deploying them and next steps once they are triggered. Episode YouTube: ⁠ ⁠⁠Video Link⁠⁠⁠⁠⁠ Host Twitter: …

1
Google Cloud Security Pentesting Methodology 37:11

12M ago37:11

37:11

Penetration Test of a Web Application hosted on Google Cloud in 2023 is quite different to just a simple/traditional web app pentesting. Cloud Penetration testing is misunderstood to be just config review in Google Cloud. In this video, we have Kat Traxler who is a cloud security researcher, SANS Course author and has worked in the Google Cloud spa…

1
Network Pentest 2.0 : The Cloud Pentest Revolution 54:03

12M ago54:03

54:03

Cloud Security Pentest is not just a Cloud configuration review ! Blackhat 2023 & Defcon 31 conversations included Cloud Security Podcast asking traditional and experienced pentesters about their opinion on cloud security pentesting and the divide was between it being a config review or a product pentest. For this episode we have Seth Art from Bish…

1
Google Cloud Hacking Red Team Perspective! 32:43

1y ago32:43

32:43

Google cloud hacking or pentesting is very different to other popular cloud service providers like aws or azure. In this episode we had Shannon McHale (Mandiant now Google Cloud) to talk about how she approaches pentesting a google cloud environment and how you can too. Episode YouTube: ⁠ Video Link⁠⁠⁠ Host Twitter: Ashish Rajan (⁠⁠⁠⁠⁠⁠⁠@hashishraj…

1
Cloud Security in the BoardRoom - CISO Perspective with Phil Venables 40:41

1y ago40:41

40:41

CISOs in organizations that are going through digital transformation have a responsibility of educating the board on how Cloud Security is measured and improved on to manage the risk posture of the organization. We had Phil Venables, CISO of Google Cloud share from his experience of serving as a CISO for so many years on how to best share cybersecu…

Podcasts Worth a Listen

Kaizenteq Team Podcasts

Podcasts Worth a Listen

Quick Reference Guide