It's the final episode of Head In The Cloud, but it's not the end of one of your favourite security podcasters! Listen up to hear what's in store for the podcast and why I'm shutting down Head In The Cloud.

Some links:

Purple Squad Security

Purple Squad Security Slack Signup Bot

Head In The Cloud was proud to be a part of the GonnaGeek Podcast Network!

Thanks for listening, and have a great week!

I speak with Corey Quinn about AWS and their recent news headlines related to various breaches amongst other things...

Corey Quinn joins me on today's podcast to talk about AWS and how they've been in the news lately for all the wrong reasons. We talk about the shared security model, things we like and may not like so much about AWS, as well as ... chihuahuas? You'll need to listen to get the full story.

Some links:

Last Week In AWS (Corey's Newsletter)

Verizon Data Leak

WWE Data Leak

Sweden Data Leak

Head In The Cloud is proud to be part of the GonnaGeek Podcast Network!

Want to get in touch?  Want to join the discussion on Slack? Feel free to reach out!

Website: https://myheadinthe.cloud

Twitter: @JohnsNotHere

Peerlyst: https://www.peerlyst.com/users/john-svazic

Thanks for listening, and have a great week!

A brief look at disaster recovery and how it applies to the cloud.

Disaster recovery is an important part of any security plan you have for your organization. Disaster recovery in the cloud is equally important but is often overlooked. In this episode I take a look at different levels of disaster recover, how to apply them to the cloud and some ideas for defining your own disaster recovery plan.

Some links:

Compare Azure and AWS Service Offerings

Compare Google Cloud Platform and AWS Service Offerings

Gitlab Outage Post Mortem

Terraform

Head In The Cloud is proud to be part of the GonnaGeek Podcast Network!

Want to get in touch? Feel free to reach out!

Website: https://myheadinthe.cloud

Twitter: @JohnsNotHere

Peerlyst: https://www.peerlyst.com/users/john-svazic

Thanks for listening, and have a great week!

Scott Piper (@0xdabbad00) joins me to talk about flAWS, a website he created that is part capture the flag (CTF), red/blue team training, AWS security guide and honeypot!

Lots of interesting topics of discussion in this episode you definitely don't want to miss!

Some links:

flAWS

SummitRoute

Downclimb

Blog Article - Free Tools for Auditing The Security of an AWS Account

Email Scott

Twitter: @0xdabbad00

Head In The Cloud is proud to be part of the GonnaGeek Podcast Network!

Want to get in touch? Feel free to reach out!

Website: https://myheadinthe.cloud

Twitter: @JohnsNotHere

Peerlyst: https://www.peerlyst.com/users/john-svazic

Thanks for listening, and have a great week!

Looking at the different *aaS solutions, what they are and what the security concerns around them are.

The big three! The "ah-s" or "as-s" if you will. I discuss what IaaS, PaaS, and SaaS are, what they stand for and what security related concerns you should have regarding each one.

Some links:

Proud to be part of the GonnaGeek Podcast Network!

Want to get in touch? Feel free to reach out!

Website: https://myheadinthe.cloud

Twitter: @JohnsNotHere

Peerlyst: https://www.peerlyst.com/users/john-svazic

Thanks for listening, and have a great week!

I talk about Malware and some protections we can take in preventing its spread.

Today's episode is all about Malware - what can we do to protect ourselves, what are some best practices we can follow, etc. I'm a firm believer that Malware is something we can help curtail if we all do our part in protecting ourselves. The fewer systems there are to infect, the less common it will be.

Some links:

SANS Incident Handling for Small and Medium Businesses Whitepaper

Cisco's Talos Intelligence Blog

SANS Internet Storm Center

AlienVault Open Threat Exchange

Happy to be part of the GonnaGeek Podcast Network!

Want to get in touch? Feel free to reach out!

Website: https://myheadinthe.cloud

Twitter: @JohnsNotHere

Peerlyst: https://www.peerlyst.com/users/john-svazic

Thanks for listening, and have a great week!

I speak with Anurag “Archie” Agarwal from ThreadModeler about DevSecOps, Rugged DevOps, their differences and a bit about threat modeling.

In this episode I speak with "Archie" Agarwal about DevSecOps and Rugged DevOps before venturing off to some other topics. Great interview, Archie is very knowledgable and a great guest! Have a listen and make sure to look up his company if you're in the market for threat modeling to increase your security posturing.

Contact info for Archie:

Email: [email protected]

Website: threatmodeler.com

Happy to be part of the GonnaGeek Podcast Network!

Want to get in touch?  Feel free to reach out!

Website: https://myheadinthe.cloud

Twitter: @JohnsNotHere

Peerlyst: https://www.peerlyst.com/users/john-svazic

Thanks for listening, and have a great week!

In this episode, I take a look at the different colours that often come up in security discussions, such as black, white, red, blue, gray, and purple! Looking at each one in turn as well as figuring out what they mean is the purpose of this episode. And people thought InfoSec was boring...

Happy to be part of the GonnaGeek Podcast Network!

Want to get in touch? Feel free to reach out!

Website: https://myheadinthe.cloud

Twitter: @JohnsNotHere

Peerlyst: https://www.peerlyst.com/users/john-svazic

Thanks for listening, and have a great week!

Taking a look at IDSs, what they are, how they work and how they relate to cloud security.

In this week's podcast I take a look at Intrusion Detection Systems (IDSs), what they are, what they do, how they work and how they fit into a cloud security model. I went a bit long on this one but I think it's necessary given the breadth of this topic.

Some useful links from this podcast:

Snort

Bro

Suricata

OSSEC

Samhain

Wazuh

Tripwire

ThreatStack

Evident.io

AWS re:Invent 2014 | (SEC402) Intrusion Detection in the Cloud

Want to get in touch? Feel free to reach out!

Website: https://myheadinthe.cloud

Twitter: @JohnsNotHere

Peerlyst: https://www.peerlyst.com/users/john-svazic

Thanks for listening, and have a great week!

I speak with Ishay Tentser, CEO of IniTech-Digital Products & Innovation, about Data Residency and Privacy.

In this week's podcast I welcome Ishay Tentser to discuss data residency, privacy and law. This is an important topic that can get overlooked as you focus on security, but with a global economy, it's important to keep it at the forefront. Ishay is the CEO of IniTech-Digital Products & Innovation and was kind enough to join me from Jerusalem, Israel to discuss this important topic. Definitely not one you want to miss! You can reach Ishay via his email address, [email protected].

Some useful links from this podcast:

Privacy by Design Presentation

Ishay's LinkedIn Profile

Overview of the GDPR

Privacy Shield Framework

IniTech Website

Want to get in touch? Feel free to reach out!

Website: https://myheadinthe.cloud

Twitter: @JohnsNotHere

Peerlyst: https://www.peerlyst.com/users/john-svazic

Thanks for listening, and have a great week!