Sign up to save your podcasts
Or
Share EP143 Cloud Security Remediation: The Biggest Headache?
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
EP143 Cloud Security Remediation: The Biggest Headache?
Guests:
-
Tomer Schwartz, Dazz CTO
Topics:
-
It seems that in many cases the challenge with cloud configuration weaknesses is not their detection, but remediation, is that true?
-
As far as remediation scope, do we need to cover traditional vulnerabilities (in stock and custom code), configuration weaknesses and other issues too?
-
One of us used to cover vulnerability management at Gartner, and in many cases the remediation failures [on premise] were due to process, not technology, breakdowns. Is this the same in the cloud? If still true, how can any vendor technology help resolve it?
-
Why is cloud security remediation such a headache for so many organizations?
-
Is the friction real between security and engineering teams? Do they have any hope of ever becoming BFFs?
-
Doesn't every CSPM (and now ASPM too?) vendor say they do automated remediation today? How should security pros evaluate solutions for prioritizing, triaging, and fixing issues?
Resources:
-
Video (YouTube, LinkedIn)
-
Cloud Security Remediation for Dummies
-
EP3 Automate and/or Die?
-
EP67 Cyber Defense Matrix and Does Cloud Security Have to DIE to Win?'
-
EP54 Container Security: The Past or The Future?
-
EP138 Terraform for Security Teams: How to Use IaC to Secure the Cloud
-
EP117 Can a Small Team Adopt an Engineering-Centric Approach to Cybersecurity?
-
A Guide to Building a Secure SDLC
-
8 Megatrends drive cloud adoption—and improve security for all
View all episodes
By Anton Chuvakin
4.8
3939 ratings
Guests:
-
Tomer Schwartz, Dazz CTO
Topics:
-
It seems that in many cases the challenge with cloud configuration weaknesses is not their detection, but remediation, is that true?
-
As far as remediation scope, do we need to cover traditional vulnerabilities (in stock and custom code), configuration weaknesses and other issues too?
-
One of us used to cover vulnerability management at Gartner, and in many cases the remediation failures [on premise] were due to process, not technology, breakdowns. Is this the same in the cloud? If still true, how can any vendor technology help resolve it?
-
Why is cloud security remediation such a headache for so many organizations?
-
Is the friction real between security and engineering teams? Do they have any hope of ever becoming BFFs?
-
Doesn't every CSPM (and now ASPM too?) vendor say they do automated remediation today? How should security pros evaluate solutions for prioritizing, triaging, and fixing issues?
Resources:
-
Video (YouTube, LinkedIn)
-
Cloud Security Remediation for Dummies
-
EP3 Automate and/or Die?
-
EP67 Cyber Defense Matrix and Does Cloud Security Have to DIE to Win?'
-
EP54 Container Security: The Past or The Future?
-
EP138 Terraform for Security Teams: How to Use IaC to Secure the Cloud
-
EP117 Can a Small Team Adopt an Engineering-Centric Approach to Cybersecurity?
-
A Guide to Building a Secure SDLC
-
8 Megatrends drive cloud adoption—and improve security for all
More shows like Cloud Security Podcast by Google
View all
Security Now (Audio)
2,009 Listeners
Risky Business
372 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
651 Listeners
CyberWire Daily
1,020 Listeners
Smashing Security
319 Listeners
Click Here
416 Listeners
Darknet Diaries
8,059 Listeners
Cybersecurity Today
179 Listeners
Hacking Humans
314 Listeners
CISO Series Podcast
189 Listeners
AWS Podcast
204 Listeners
Defense in Depth
74 Listeners
Cloud Security Podcast
57 Listeners
Cyber Security Headlines
139 Listeners
Risky Bulletin
44 Listeners