Pranay Kamat (Prod Mgmt @datadoghq) talks about the challenges is protecting sensitive data, internal vs. external attacks, evolution of DLP, the role of Governance in DevSecOps. 

SHOW: 617

CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotw

CHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"

SHOW SPONSORS:

• Revelo: Sidestep the competitive US talent market by hiring remote engineers in Latin America. Source, hire, and pay Latin American engineers in US time zones with one service. Revelo manages all the paperwork including benefits, payroll, and compliance. Hire a full-time engineer with a 14-day trial. Revelo.com/cloudcast
• Monitor CI Pipelines and Tests with Datadog CI Visibility
• Datadog CI Visibility supports shift-left testing Identify and resolve front-end issues on your web applications before your customers notice. Start a free trial today.
• strongDM - Secure infrastructure access for the modern stack. 
• Manage access to any server, database, or Kubernetes instance in minutes. Fully auditable, replayable, secure, and drag-and-drop easy. Try it free for 14 days - www.strongdm.com/signup

SHOW NOTES:

• Datadog Sensitive Data Scanner
• Best practices for reducing sensitive data blindspots and risk
• Building a Modern Compliance Strategy [video]

Topic 1 - Welcome to the show. Let’s talk about your background and the areas where you focus at Datadog. 

Topic 2 - We continuing to see headlines about critical data being stolen, which is a trend that doesn’t seem to be slowing down. Give us a picture of where we are with the problems that are still causing this, and what new things companies can do to prevent it.

Topic 3 - Where are some of the differences between traditional Data Loss Prevent (DLP) strategies and strategies that proactively look at logs to identify data access and breaches? 

Topic 4 - We often think about attacks coming from the outside, but oftentimes attacks happen from inside the house (directly or indirectly). How important is it to be able to control access to logs and what is visible within logs to prevent internal attacks and vulnerabilities?  

Topic 5 - What are some of the more dynamic, modern ways to identify sensitive traffic and tag it properly so systems can act on it? 

Topic 6 - It’s often said that security is everyone’s issue. In modern teams (DevOps, DevSecOps, etc.), where are you seeing as the owner of this Governance and Sensitive data?