In this episode of the Virtual Coffee with Ashish edition, we spoke with Mark Manning ( @antitree ) is the Principal Security Architect at Snowflake( @SnowflakeDB ). Before this he used to run Kubernetes Risk Analysis at NCC Group ( @NCCSECURITYUS ) Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv Cloud Security Academy: www.cloudsecuritypodcast.tv/cloud-security-academy Host Twitter: twitter.com/hashishrajan Guest Twitter: twitter.com/antitree Podca...
May 09, 2021•50 min•Season 2Ep. 20
In this Study Hall - Ashish goes through WHAT IS Kubernetes? What Kubernetes is NOT? & Should you start refactoring or building infrastructure in Kubernetes today? For Similar Topics covered in other episode of Cloud Security Podcast visit: www.cloudsecuritypodcast.tv Cloud Security Academy: www.cloudsecuritypodcast.tv/cloud-security-academy Host Twitter: twitter.com/hashishrajan Guest Twitter: twitter.com/itascode Podcast Twitter - @kaizenteq To ASK questions from our Guest SUBSCRIBE TO OUR...
May 05, 2021•11 min
In this episode of the Virtual Coffee with Ashish edition, we spoke with Madhu Akula ( @madhuakula ) is an international Kubernetes Security Public Speaker, Black Hat Trainer, Creator of open source repo Kubernetes Goat, Security Researcher and Security Engineering at Miro ( Miro ). Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv Cloud Security Academy: www.cloudsecuritypodcast.tv/cloud-security-academy Host Twitter: twitter.com/hashishrajan Guest T...
May 02, 2021•50 min•Season 2Ep. 19
In this episode of the Virtual Coffee with Ashish edition, we spoke with Geoff Belknap ( @geoffbelknap ) is the Chief Security Officer of Linkedin ( @LinkedIn ). In this episode, Geoff & Ashish spoke about What was your path into your current role What does Cloud Security mean for you? What it’s like to be a CISO? What do you see as a change in the CyberSecurity industry that has bought through COVID "Talking to the board is the easy part. Adding value to their thinking is hard." - could you...
Apr 27, 2021•53 min•Season 2Ep. 18
In this Study Hall - Kelsey Hightower explains is it really complex to learn Kubernetes and whether it's really complex. Nothing but the Honest Trust from Kelsey on this episode. Full Episode on Cloud Security Podcast: www.cloudsecuritypodcast.tv Cloud Security Academy: www.cloudsecuritypodcast.tv/cloud-security-academy Host Twitter: twitter.com/hashishrajan Guest Twitter: twitter.com/kelseyhightower Podcast Twitter - @kaizenteq If you want to watch videos of this and previous episodes: - Youtub...
Apr 27, 2021•5 min
In this episode of the Virtual Coffee with Ashish edition, we spoke with Ashwin Patil ( @ashwinpatil ) who is a returning guest from Season 1 of the Cloud Security Podcast. Ashwin is a Senior Program Manager at Microsoft ( @Microsoft ). Last time Ashwin came to speak about Threat Intelligence in Azure - Click here to checkout the Season 1 Episode here . In this episode, Ashwin & Ashish spoke about Threat Detection Pre- Cloud and In Cloud Who should be doing threat hunting? TTP - Tactics Tool...
Apr 18, 2021•50 min•Season 2Ep. 17
In this episode of the Virtual Coffee with Ashish edition, we spoke with Ohad Maishlish is the CEO & Co-Founder of env0. Host: Ashish Rajan - Twitter @hashishrajan Guest: Ohad Maislish - Linkedin In this episode, Ohad & Ashish spoke about Three Stages DataCentre Evolution Governance in Cloud using IaC Challenges with IaC in companies of different scale - Startup vs Enterprise? How to get started in IaC for Governance in Cloud? Would IaC become a standard for anyone doing cloud deployment...
Apr 11, 2021•41 min•Season 1Ep. 16
In this episode of the Virtual Coffee with Ashish edition, we spoke with Kelsey Hightower ( @kelseyhightower ) is the Staff Advocate at Google Cloud ( @GoogleCloud ) and co-author of “Kubernetes: Up and Running: Dive Into the Future of Infrastructure.” Host: Ashish Rajan - Twitter @hashishrajan Guest: Kelsey Hightower ( @kelseyhightower ) In this episode, Kelsey & Ashish spoke about What is Kubernetes and Why is it so popular ? Should Senior Leadership within organisations consider Kubernete...
Apr 04, 2021•55 min•Season 1Ep. 15
In this episode of the Virtual Coffee with Ashish edition, we spoke with Yoni Leitersdorf ( @yonadavl ) who is the CEO & Co-Founder of Indeni Host: Ashish Rajan - Twitter @hashishrajan Guest: Yoni Leitersdorf ( @yonadavl ) In this episode, Yoni & Ashish spoke about What is digital transformation and why do we need it? Infrastructure as Code and Infrastructure as Code Security What drives digital transformation? Who owns infrastructure as code in organisations? Do security folks need to k...
Mar 28, 2021•44 min•Season 1Ep. 14
In this episode of the Virtual Coffee with Ashish edition, we spoke with John Savill ( Linkedin_John Savill ) is the Principal Cloud Architect, Author and YouTuber. Host: Ashish Rajan - Twitter @hashishrajan Guest: John Savill ( Linkedin_John Savill ) In this episode, John & Ashish spoke about How is security different between Cloud Security vs On-Prem Security? How does one track API/User Activity across Azure implementation? What are some of the security products in Azure that are good pra...
Mar 21, 2021•58 min•Season 2Ep. 13
In this episode of the Virtual Coffee with Ashish edition, we spoke with Barak Schoster Goihman ( @barakschoster ) is the Co-Founder and CTO of Bridgecrew ( @Bridgecrewio ). Host: Ashish Rajan - Twitter @hashishrajan Guest: Barak Schoster Goihman @barakschoster In this episode, Barak & Ashish spoke about What is Infrastructure as Code Security Application Security vs Infrastructure as Code Security - are they same? What is DevSecOps? Where should one start? Ansible? Terraform? Kubernetes? Sa...
Mar 14, 2021•39 min•Season 2Ep. 12
In this episode of the Virtual Coffee with Ashish edition, we spoke with Toni de la Fuente ( @toniblyx ) is the Senior Security Consultant at AWS ( @AWSCloud ) and author of Prowler - AWS Security Tool. Host: Ashish Rajan - Twitter @hashishrajan Guest: Toni de la Fuente @toniblyx In this episode, Toni & Ashish spoke about What is Cloud Security Assessment? The story behind the creation of Prowler and what Prowler does? How is Prowler different to CIS benchmark? How to set up an effective inc...
Mar 07, 2021•46 min•Season 2Ep. 11
In this episode of the Virtual Coffee with Ashish edition, we spoke with Nicholas McLaren ( Linkedin - nmclarencys ) is the Cloud Security Engineer, ByteChek( @Bytechek ). Host: Ashish Rajan - Twitter @hashishrajan Guest: Nicholas McLaren ( Linkedin - nmclarencys In this episode, Nick & Ashish spoke about What qualifications do you need to become a cloud security engineer? Degrees, certifications etc How to network effective to secure your 1st cloud security role? Network in the world of Cov...
Feb 28, 2021•48 min•Season 2Ep. 10
In this episode of the Virtual Coffee with Ashish edition, we spoke with Michael Fraser ( @itascode ) is the Chief Architect, Co-Founder at refactr ( @RefactrIT ). Host: Ashish Rajan - Twitter @hashishrajan Guest: Michael Fraser - @itascode In this episode, Michael & Ashish spoke about What is DevSecOps? What is Kubernetes? Why would you use Kubernetes? What should a Kubernetes Deployment look like when done right from a security perspective? The building blocks of making Kubernetes part of ...
Feb 21, 2021•56 min•Season 2Ep. 9
In this episode of the Virtual Coffee with Ashish edition, we spoke with Ben Tomhave ( Linkedin - @btomhave ) is the Principal, Falcon’s View Consulting ( @FalconsView) . Host: Ashish Rajan - Twitter @hashishrajan Guest: Ben Tomhave ( Linkedin - @btomhave ) In this episode, Ben & Ashish spoke about What are Containers? What is Container Security/ Kubernetes Security for people from traditional security background? What should a Container Deployment look like? 7 Security Challenges for introd...
Feb 14, 2021•53 min•Season 2Ep. 8
In this episode of the Virtual Coffee with Ashish edition, we spoke with Zane Lackey, CISO & Co-Founder Signal Sciences, which is now owned by Fastly. Host: Ashish Rajan - Twitter @hashishrajan Guest: Zane Lackey - Linkedin In this episode, Zane & Ashish spoke about What was your path to your current CyberSecurity Role? DevOps movement between East Coast and West Coast in 2010 - Etsy (Biggie) & Netflix (2Pac) Was the change to 30 production deployments a day, good thing for security?...
Feb 10, 2021•52 min•Season 2Ep. 7
In this episode of the Virtual Coffee with Ashish edition, we spoke with Kurt John, Chief CyberSecurity Officer CISO at Siemens USA Host: Ashish Rajan - Twitter @hashishrajan Guest: Kurt John - Linkedin In this episode, Kurt & Ashish spoke about Cloud Security in a Large Organisation and the challenges that come with it. Cloud and Cloud Security in the Operation Technology World How Product Security and Enterprise Security is approached? The impact of Covid-19 on cloud transformation. Impact...
Feb 07, 2021•55 min•Season 2Ep. 6
In this episode of the Virtual Coffee with Ashish edition, we spoke with David Lavezzo, Director of Security Chaos Engineering at Capital One Host: Ashish Rajan - Twitter @hashishrajan Guest: David Lavezzo - Linkedin In this episode, David & Ashish spoke about What is security chaos experiments and how does it compare to chaos engineering? The Golden Age of Offence? Tools for Chaos Experiments How to get started in Security Chaos Experiments? Is Security Chaos Experiments only for large comp...
Jan 31, 2021•35 min•Season 1Ep. 5
In this episode of the Virtual Coffee with Ashish edition, we spoke with Brianna Malcolmson , Security Engineering Manager, Atlassian Host: Ashish Rajan - Twitter @hashishrajan Guest: Brianna Malcolmson - Linkedin @briannajoy In this episode, Brianna & Ashish spoke about What is Cloud Security Testing and Assessment ? What is a Cyber Kill Chain in a cloud context? How to get started in Cloud Pentesting? The need for Cloud Certification and recommendations for Beginners? Is there something pe...
Jan 24, 2021•47 min•Season 2Ep. 4
In this episode of the Virtual Coffee with Ashish edition, we spoke with Matt Johnson, Developer Advocate Lead, Bridgecrew. Host: Ashish Rajan - Twitter @hashishrajan Guest: Matt Johnson - Twitter @metahertz In this episode, Matt & Ashish spoke about What was Matt’s path into Developer Advocate role? What does Cloud Security mean to Matt? What is Infrastructure as Code and Infrastructure Code Security ? Are developers or security teams doing more infrastructure as a code security? What is de...
Jan 17, 2021•50 min•Season 2Ep. 3
In this episode of the Virtual Coffee with Ashish edition, we spoke with Pawel Rzepa, Snr Security Consultant, SecuRing. Host: Ashish Rajan - Twitter @hashishrajan Guest: Pawel Rzepa - Twitter @rzepsky In this episode, Pawel & Ashish spoke about What was Pawel’s path into Cybersecurity? What does Cloud Security mean to Pawel? What is Cloud Security Testing and Assessment ? What is a Cyber Kill Chain in a cloud context? What is threat hunting in cloud security assessments? What permissions ar...
Jan 10, 2021•53 min•Season 2Ep. 2
In this episode of the Virtual Coffee with Ashish edition, we spoke with Sriya Potham, Principal Cloud Security Architect Host: Ashish Rajan - Twitter @hashishrajan Guest: Sriya Potham - Linkedin @sriya In this episode, Sriya & Ashish spoke about What was your path into Cybersecurity? Whats your definition of Cloud Security? What is the shared responsibility model? Whats a day in the life of a Cloud Security Architect ? Are cloud architecture reviews different in different industries? As a C...
Jan 03, 2021•44 min•Season 2Ep. 1
In this Christmas special episode of the Virtual Coffee with Ashish edition , we had a panel of successful CyberSecurity Podcast Hosts that answered questions about starting and running a successful CyberSecurity Podcast. Panel Participants: Host: Ashish Rajan - Twitter @hashishrajan , Host of Cloud Security Podcast Guest 1: Chris Cochran - Linkedin chriscochrancyber , Podcast co-Host, Hacker Valley Studio Guest 2: James J Azar - Linkedin James-j-azar , Podcast host, The CyberHub Podcast In this...
Dec 20, 2020•1 hr 3 min
In this episode of the Virtual Coffee with Ashish edition, we spoke with Monica Verma, CISO Host: Ashish Rajan - Twitter @hashishrajan Guest: Monica Verma - Linkedin @monicaverma In this episode, Monica & Ashish spoke about What was your path into Cybersecurity? What does Cloud Security mean for you? How do you explain risk management to people? Can an organisation be risk free? Are there any obvious risk management considerations and challenges people should consider? What are some of the b...
Nov 29, 2020•48 min•Season 1Ep. 50
In this episode of the Virtual Coffee with Ashish edition, we spoke with Sam Small, Chief Security Officer, Zerofox Host: Ashish Rajan - Twitter @hashishrajan Guest: Sam Small - Linkedin @samsmallphd In this episode, Sam & Ashish spoke about What was your path into your current role? What are Digital Risk and Digital Threats? How do you identify Digital Risk? what are the broad categories? How is Digital Risk different at an organisation level? Is Digital Risk Protection the same as Cyber Th...
Nov 22, 2020•55 min•Season 1Ep. 49
In this episode of the Virtual Coffee with Ashish edition, we spoke with Matthew Fuller, co-Founder CloudSploit, Aqua Host: Ashish Rajan - Twitter @hashishrajan Guest: Matthew Fuller - Linkedin @mattdfuller In this episode, Matthew & Ashish spoke about What was your path into your current role? What was the inspiration behind CloudSpoilt? What does Cloud Security mean for you? What are your thoughts for organisations navigating the dilemma of buy first vs build first? What is Open Source? Op...
Nov 15, 2020•47 min•Season 1Ep. 48
In this episode of the Virtual Coffee with Ashish edition, we spoke with Melissa Benua, Director of Engineering Host: Ashish Rajan - Twitter @hashishrajan Guest: Melissa Benua - Linkedin @mbenua In this episode, Melissa & Ashish spoke about What was your path into the Engineering Manager role? What does Cloud Security mean for you? For those people listening what are some of the foundational Modern Delivery methods - CI/CD, Trunkline deployments etc What roles does security can play in such ...
Nov 08, 2020•43 min•Season 1Ep. 47
In this episode of the Virtual Coffee with Ashish edition, we spoke with Naomi Buckwalter Host: Ashish Rajan - Twitter @hashishrajan Guest: Naomi Buckwalter - Linkedin @naomi-buckwalter In this episode, Naomi & Ashish spoke about What was your path into CyberSecurity? What does Cloud Security mean for you? What is GDPR? Privacy vs Security? How do we define processing data for purposes of GDPR? At what point GDPR become a legal thing vs a security thing? Does an AU company with data is in th...
Nov 01, 2020•46 min•Season 1Ep. 46
In this episode of the Virtual Coffee with Ashish edition, we spoke with Casey Ellis Host: Ashish Rajan - Twitter @hashishrajan Guest: Casey Ellis - Linkedin @caseyjohnellis In this episode, Casey & Ashish spoke about What was your path into CyberSecurity .What does Cloud Security mean for you? CrowdSource security as a service model & Bug Bounty, can you tell the audience about this space? How do you make people feel comfortable with the concept of crowdsource security? Is bug bounty on...
Oct 25, 2020•1 hr 6 min•Season 1Ep. 45
In this episode of the Virtual Coffee with Ashish edition, we spoke with Daniel Miessler Host: Ashish Rajan - Twitter @hashishrajan Guest: Daniel Miessler - Linkedin @danielmiessler In this episode, Daniel & Ashish spoke about What was your path into CyberSecurity Continuous Monitoring(CM) or Continuous Auditing - is that the same thing for you? CI/CD, one would assume CM is obvious, or is CM more of a mature organisation thing? At what point, should an organisation consider Continuous Monit...
Oct 18, 2020•49 min•Season 1Ep. 44
