Cloud Security Podcast

A CEO got a LinkedIn DM from a trusted contact. Investment opportunity. Looked real They clicked. Logged in with Google Workspace to view it The attacker knew something most security teams still don't your personal accounts are your company's attack surface now @PushSecurity

Attack campaigns that used to take weeks, now finish in minutes. Security teams are now seeing 10–15 step attack campaigns completed within minutes. AI may be the only way defenders can keep up with the speed of modern attacks. #AISecurity #SOC @DropzoneAI

Phishing doesn’t always come from suspicious domains anymore. Sometimes it comes from legitimate SaaS platforms. Attackers now sign up to tools like DocuSign or Google Sites, create a document with a big phishing button, and send it through the platform. #InfoSec @PushSecurity

AI security is starting to look a lot like cloud security did a decade ago. AI services are introducing new responsibility gaps. User → AWS Bedrock → Model Provider → External tools That’s 4–5 parties in the security chain. Where does responsibility actually sit?

Most modern breaches aren’t starting on the network anymore. They start in the browser. We spoke with Adam Bateman (@PushSecurity ) about how attackers are exploiting browser-based workflows and identity systems. 🎧 Episode goes LIVE tomorrow!

Attack campaigns that once took days can now happen in minutes. So how are SOC teams supposed to keep up? We spoke with Edward Wu (Founder of @DropzoneAI ) • Reality of AI-driven attacks • Why context matters more than hallucinations • how investigation workflows are changing

Security teams still track: “How many vulnerabilities did we close?” But that doesn’t equal risk reduction. The real questions are: • Is it reachable? • Is it exploitable? • What’s the blast radius? #CyberSecurity #ExposureManagement @brinqa

If you tell a data scientist: “Your model has a security vulnerability.” They may shrug. If you say: “This reduces model effectiveness by 30%.” Now they care. Security is translation. #AISecurity #DataScience #EnterpriseAI

Bolt-on security doesn’t work for AI. When models touch data, workflows, and decisions at once, point tools and legacy DLP lose context. AI security is a systems problem, not a checkbox problem. #AISecurity #AIGovernance #CyberSecurity @Trendai

70% of MCP servers run on local laptops. That means AI agents often execute with developer-level access outside traditional network controls. This is how AI becomes the new shadow IT. #AISecurity #AIAgents #EnterpriseAI @harmonicsec

AI security isn’t cloud security 2.0. It’s cloud infra + AI configuration + shared responsibility + new attack paths. Trailer’s up for my conversation with Toni De La Fuente on securing AI workloads in the cloud. #CloudSecurity #AISecurity #GenAI @prowlercloud

Compliance proves activity. It doesn’t prove risk reduction. Security isn’t about closed tickets, it’s about how much risk you actually removed. #CyberSecurity #CISO #ExposureManagement @brinqa

AI adoption isn’t following the cloud playbook. Cloud was top-down. AI is bottom-up. Employees are using it because it’s useful long before policies and controls exist. That’s why governing AI feels so much harder. #EnterpriseAI #AISecurity @harmonicsec

Natural language is becoming the new attack surface. In GenAI, attackers don’t need exploit code. They just need a sentence. Trailer’s live for today’s conversation with Eduardo Garcia on why runtime visibility matters more than static guardrails. #AISecurity @CheckPointSW

Vulnerability management is broken. Not the tools, the model. Trailer’s live for today’s episode with Brad Hibbert (@brinqa) on → Exposure vs risk → Ownership vs remediation → Why compliance ≠ security Full episode at 11:45am PST. 👇 #CyberSecurity #CloudSecurity #CISO

AI isn’t just something teams experiment with anymore. It’s becoming part of how work actually happens embedded across workflows, decisions, and systems. That shift changes how risk shows up. Full conversation dropping later today. @harmonicsec

AI isn’t another tool. It’s becoming the operating model embedded across workflows, decisions, and systems. That shift changes how risk shows up. Conversation with Shannon Murphy from @trendaisecurity live on Cloud Security Podcast #AISecurity #EnterpriseAI #CyberSecurity

AI can be technically correct and still create unacceptable risk. That’s not a model bug. That’s a governance failure. We spoke to Sapna from @Dayforce. Episode LIVE on Cloud Security Podcast #AISecurity #AIgovernance #CyberSecurity

AI won’t fix your detection program.And it definitely won’t replace thinking. Tomorrow’s episode with Antoinette Stevens is a reality check on AI in detection engineering what works, what doesn’t, and where humans still matter most. #AISecurity #DetectionEngineering

Every AI security conversation eventually runs into the same problem: governance. Not because teams don’t care but because security, data, legal, and engineering are rarely aligned. We spoke with Shannon Murphy from @trendaisecurity Episode drops tomorrow.