Cloud Security Podcast

1.3K posts

Cloud Security Podcast banner
Cloud Security Podcast

Cloud Security Podcast

@CloudSecPod

Award Winning Top 10 Ranked CyberSecurity Podcast in US,UK and Aus. Learn Cloud Security in Public Cloud the unbiased way from CyberSecurity Host: @hashishrajan

London, UK Katılım Şubat 2019
1 Takip Edilen3.6K Takipçiler
Cloud Security Podcast
Cloud Security Podcast@CloudSecPod·
Every enterprise claims to be all in on one cloud. A former AWS product manager says every single one he works with runs at least two providers, plus on-prem. The single-cloud story only holds with zero on-prem. Almost nobody qualifies. @Cisco
English
0
0
0
158
Cloud Security Podcast
Cloud Security Podcast@CloudSecPod·
The first time an AI security agent ran across a Fortune 100 cloud environment, the projected cost was $4M a week. There is a ceiling on what anyone will pay, so wasted spend is accuracy you never get to buy. Cost and accuracy are the same budget @HarryWetherald @Maze_Security
English
0
2
2
157
Cloud Security Podcast
Cloud Security Podcast@CloudSecPod·
Speed is not the point of AI in the SOC. "AI can help, but it can also hurt without the right context." @aqsa_taylor on why the data model has to be trusted before the AI agent can be. Full clip on our LinkedIn and YouTube. @exaforceAI
English
0
0
0
128
Cloud Security Podcast
Cloud Security Podcast@CloudSecPod·
Assume every AI agent is breached. @ElyKahn (CPO, @okta ) on why that has to be the posture: prompt injection isn't getting solved, so the work is shrinking the blast radius. Highest-ROI move? Least privilege. Not the model, the standing access. #OktaPartner
English
0
0
1
186
Cloud Security Podcast
Cloud Security Podcast@CloudSecPod·
Stolen credentials to full admin in 8 minutes on a real AWS environment. We knew it was AI: it kept assuming roles and spinning up GPUs to mine crypto when it got stuck. If an attack finishes in under 10 mins, console-and-alert-triage is already dead. @EppSecurity @sysdig
English
0
0
3
167
Cloud Security Podcast
Cloud Security Podcast@CloudSecPod·
Ransomware stopped being about encryption. It's data first now, they find it, query it, and take the high-value stuff: payment contracts, PII, leverage. Backups don't save you when exposure is the threat, not recovery. @varonis
English
0
0
2
151
Cloud Security Podcast
Cloud Security Podcast@CloudSecPod·
By 2027, your vendor risk request might be answered by an agent, not a person. Vendor agents talking to risk-management agents. Verifying credentials, asking about pen test results, no human in the middle. You can't manage risk on agents you've never counted. @Lovable
English
2
0
0
165
Cloud Security Podcast
Cloud Security Podcast@CloudSecPod·
Your smart engineers can build an AI SOC. Building it turns your security team into a product team. You don't reduce the effort you relocate it And one agent with the wrong guardrails deleted an entire database Build-vs-buy isn't a capability question @exaforceAI @aqsa_taylor
English
0
0
0
173
Cloud Security Podcast
Cloud Security Podcast@CloudSecPod·
Microsoft Graph queries landing seconds after a token's stolen. No human moves that fast. Simon Biggs on what IR looks like now AI removed the skill barrier: encryption-first → data-first, same-day exploits, ransom crews running nation-state queries. @varonis
English
0
0
1
193
Cloud Security Podcast
Cloud Security Podcast@CloudSecPod·
Most AI SOC tools triage alerts without knowing what's normal for your business, your users, your systems. No context. They piece it together on the fly and call it detection. That gap is everything.
English
0
0
0
85
Cloud Security Podcast
Cloud Security Podcast@CloudSecPod·
25 minutes. That's how fast an organization can go from exposed to fully exfiltrated. Sometimes seconds. AI is on the adversary's side too, a simple prompt builds the attack and the infrastructure. It's no longer days from vulnerability discovered to exploited. @PaloAltoNtwks
English
0
0
2
63
Cloud Security Podcast
Cloud Security Podcast@CloudSecPod·
Someone can read your entire corporate inbox in 3 seconds. You're on vacation. You come back with no idea it happened. Indirect prompt injection is invisible hard to spot live, impossible to spot after. The exploit used to be code. Now it's language. @CheckPointSW
English
0
0
0
55
Cloud Security Podcast
Cloud Security Podcast@CloudSecPod·
AI can help your SOC. It can also hurt it without the right context. Aqsa Taylor of @exaforceAI on why the data model under the AI matters more than the model itself, and why the real gap isn't triage it's level-two investigation. #cloudsecurity #aisoc
English
0
0
0
44
Cloud Security Podcast
Cloud Security Podcast@CloudSecPod·
MFA and SSO were built to prove who you are at login. They were never built to protect what happens after. Attackers don't need your password. They abuse the post-authentication material, the cookie, the token and operate as you. @SpecterOps
English
0
0
2
1.8K
Cloud Security Podcast
Cloud Security Podcast@CloudSecPod·
Claude Code + your SIEM gets you ~20% of the way to real detection engineering. The other 80%: data normalization, intelligence limits, and maintaining the whole system. The work isn't asking the question. It's testing and validating detections in your own context
English
0
0
0
75
Cloud Security Podcast
Cloud Security Podcast@CloudSecPod·
Most teams think they have a few attack paths. The real number can run into the billions. Mark Wilson & Kay Daskalakis from the team behind Bloodhound @SpecterOps spoke to @hashishrajan about identity, agentic AI on old infrastructure, and why speed changes but context doesn't
English
0
1
3
786
Cloud Security Podcast
Cloud Security Podcast@CloudSecPod·
Everyone's buying AISPM. Almost no one can stop an agent going off the rails. Full inventory. Total visibility. And no way to step in when the agent goes wrong. Posture is not prevention. @varonis #cloudsecurity #aisecurity
English
0
0
0
47
Cloud Security Podcast
Cloud Security Podcast@CloudSecPod·
Your AI agents are unvetted employees. You didn't train them. You didn't vet them. And they act with your access. Rob's fix: apply the same controls you'd apply to a human. Vetting, training, limits. He vibe-coded agents himself. One went off the rails @Mimecast #aiagents
English
0
0
1
80
Cloud Security Podcast
Cloud Security Podcast@CloudSecPod·
85% of your mission-critical apps run in a browser. That browser was built to monetize you. Not your business. SaaS apps. Sensitive data. IP. All running through a browser engineered to serve ads. @island_io
English
0
0
1
45
Cloud Security Podcast
Cloud Security Podcast@CloudSecPod·
You can switch on AI tooling for your non-technical teams in an afternoon. The visibility you lose takes much longer to notice. That's modern third-party risk: the vendor isn't always outside your building anymore. @Lovable
English
0
0
0
60