Sign up to save your podcasts
Or
Share EP111 How to Solve the Mystery of Application Security in the Cloud?
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
EP111 How to Solve the Mystery of Application Security in the Cloud?
Guest:
-
Brandon Evans, Infosec Consultant and Certified Instructor and Course Author at SANS
Topics:
-
What got you interested in security and motivated you to make this your area of focus? You came from a developer background, right?
-
Occasionally, we hear the sentiment that "developers don't care about security," how would you counter it (and would you?)?
-
How do we encourage developers and operations to use the appropriate security controls and settings in the cloud? Is "encourage" the right word?
-
Can we really do "secure by default" but for developers?
-
What do you think are the main application security issues that developers need to deal with in the cloud?
-
You mentioned software supply chain security, do you treat this as a part of application security? How important is this, realistically, for an average organization and its developers?
-
Going to our favorite subject of threat detection, how do you think we can better encourage developers to supply the logs necessary for our detection and response teams to act upon?
Resources:
-
"Cloud Security: Making Cloud Environments a Safer Place" ebook by SANS
-
SANS.org/cloud site
-
"The Phoenix Project" book by Gene Kim et al
-
"The Unicorn Project" book by Gene Kim
-
"Next Special - Log4j Reflections, Software Dependencies and Open Source Security" (EP87)
-
"2022 Accelerate State of DevOps Report and Software Supply Chain Security" (EP100)
-
"Linking Up The Pieces: Software Supply Chain Security at Google and Beyond" (EP24)
View all episodes
By Anton Chuvakin
4.8
3939 ratings
Guest:
-
Brandon Evans, Infosec Consultant and Certified Instructor and Course Author at SANS
Topics:
-
What got you interested in security and motivated you to make this your area of focus? You came from a developer background, right?
-
Occasionally, we hear the sentiment that "developers don't care about security," how would you counter it (and would you?)?
-
How do we encourage developers and operations to use the appropriate security controls and settings in the cloud? Is "encourage" the right word?
-
Can we really do "secure by default" but for developers?
-
What do you think are the main application security issues that developers need to deal with in the cloud?
-
You mentioned software supply chain security, do you treat this as a part of application security? How important is this, realistically, for an average organization and its developers?
-
Going to our favorite subject of threat detection, how do you think we can better encourage developers to supply the logs necessary for our detection and response teams to act upon?
Resources:
-
"Cloud Security: Making Cloud Environments a Safer Place" ebook by SANS
-
SANS.org/cloud site
-
"The Phoenix Project" book by Gene Kim et al
-
"The Unicorn Project" book by Gene Kim
-
"Next Special - Log4j Reflections, Software Dependencies and Open Source Security" (EP87)
-
"2022 Accelerate State of DevOps Report and Software Supply Chain Security" (EP100)
-
"Linking Up The Pieces: Software Supply Chain Security at Google and Beyond" (EP24)
More shows like Cloud Security Podcast by Google
View all
WSJ Your Money Briefing
1,723 Listeners
WSJ What’s News
4,423 Listeners
Security Now (Audio)
2,010 Listeners
Risky Business
373 Listeners
CyberWire Daily
1,026 Listeners
NVIDIA AI Podcast
347 Listeners
Darknet Diaries
8,079 Listeners
Cybersecurity Today
177 Listeners
Practical AI
211 Listeners
Cloud Security Podcast
58 Listeners
Cybersecurity Headlines
140 Listeners
Huberman Lab
29,297 Listeners
The AI Daily Brief: Artificial Intelligence News and Analysis
683 Listeners
HBR On Leadership
169 Listeners
AI Security Podcast
9 Listeners