Sign up to save your podcasts
Or
Share EP143 Cloud Security Remediation: The Biggest Headache?
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
EP143 Cloud Security Remediation: The Biggest Headache?
Guests:
-
Tomer Schwartz, Dazz CTO
Topics:
-
It seems that in many cases the challenge with cloud configuration weaknesses is not their detection, but remediation, is that true?
-
As far as remediation scope, do we need to cover traditional vulnerabilities (in stock and custom code), configuration weaknesses and other issues too?
-
One of us used to cover vulnerability management at Gartner, and in many cases the remediation failures [on premise] were due to process, not technology, breakdowns. Is this the same in the cloud? If still true, how can any vendor technology help resolve it?
-
Why is cloud security remediation such a headache for so many organizations?
-
Is the friction real between security and engineering teams? Do they have any hope of ever becoming BFFs?
-
Doesn’t every CSPM (and now ASPM too?) vendor say they do automated remediation today? How should security pros evaluate solutions for prioritizing, triaging, and fixing issues?
Resources:
-
Video (YouTube, LinkedIn)
-
Cloud Security Remediation for Dummies
-
EP3 Automate and/or Die?
-
EP67 Cyber Defense Matrix and Does Cloud Security Have to DIE to Win?’
-
EP54 Container Security: The Past or The Future?
-
EP138 Terraform for Security Teams: How to Use IaC to Secure the Cloud
-
EP117 Can a Small Team Adopt an Engineering-Centric Approach to Cybersecurity?
-
A Guide to Building a Secure SDLC
-
8 Megatrends drive cloud adoption—and improve security for all
View all episodes
By Anton Chuvakin
4.8
3838 ratings
Guests:
-
Tomer Schwartz, Dazz CTO
Topics:
-
It seems that in many cases the challenge with cloud configuration weaknesses is not their detection, but remediation, is that true?
-
As far as remediation scope, do we need to cover traditional vulnerabilities (in stock and custom code), configuration weaknesses and other issues too?
-
One of us used to cover vulnerability management at Gartner, and in many cases the remediation failures [on premise] were due to process, not technology, breakdowns. Is this the same in the cloud? If still true, how can any vendor technology help resolve it?
-
Why is cloud security remediation such a headache for so many organizations?
-
Is the friction real between security and engineering teams? Do they have any hope of ever becoming BFFs?
-
Doesn’t every CSPM (and now ASPM too?) vendor say they do automated remediation today? How should security pros evaluate solutions for prioritizing, triaging, and fixing issues?
Resources:
-
Video (YouTube, LinkedIn)
-
Cloud Security Remediation for Dummies
-
EP3 Automate and/or Die?
-
EP67 Cyber Defense Matrix and Does Cloud Security Have to DIE to Win?’
-
EP54 Container Security: The Past or The Future?
-
EP138 Terraform for Security Teams: How to Use IaC to Secure the Cloud
-
EP117 Can a Small Team Adopt an Engineering-Centric Approach to Cybersecurity?
-
A Guide to Building a Secure SDLC
-
8 Megatrends drive cloud adoption—and improve security for all
More shows like Cloud Security Podcast by Google
View all
Risky Business
363 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
633 Listeners
The Cloudcast
154 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
372 Listeners
CyberWire Daily
1,008 Listeners
AWS Podcast
199 Listeners
Smashing Security
313 Listeners
Click Here
387 Listeners
Cybersecurity Today
141 Listeners
Kubernetes Podcast from Google
182 Listeners
CISO Series Podcast
187 Listeners
Hacking Humans
308 Listeners
Defense in Depth
72 Listeners
Cyber Security Headlines
120 Listeners
Risky Bulletin
33 Listeners