TechSpective Podcast

TechSpective Podcast Episode 138

 

Cloud environments have transformed the way organizations operate, but they’ve also introduced new challenges for cybersecurity teams. In the latest episode of the TechSpective Podcast, I sit down with Eyal Fisher, CPO of Sweet Security, to dive deep into the evolving landscape of cloud security and the innovative solutions needed to stay ahead of threats.

Tackling Cloud Security’s Unique Challenges

Cloud environments are massive, dynamic, and present a much larger attack surface than traditional on-premises setups. This complexity makes real-time threat detection particularly difficult. As Eyal Fisher explains, traditional security tools designed for endpoints or on-prem environments struggle to scale effectively in the cloud. The key is understanding the unique nature of cloud infrastructure and using technologies that are purpose-built for it.

eBPF and Runtime Detection

One of the highlights of the conversation is how Sweet Security leverages eBPF (Extended Berkeley Packet Filter) technology to gather deep insights into cloud environments without complex deployment processes. Eyal emphasizes that detecting threats in runtime — while the cloud environment is active — is crucial to pinpointing real risks amidst the noise generated by everyday operations.

Addressing Non-Human Identities

Another critical issue is the explosion of non-human identities in cloud environments. These include APIs, machine-to-machine interactions, and service-to-service communications. Traditional identity security methods, like multi-factor authentication, focus on human users and miss the majority of risks. Eyal outlines how Sweet Security’s runtime approach helps prioritize non-human identities that need immediate attention based on actual behavior.

AI and the Future of Cybersecurity

AI is transforming the cybersecurity industry, and Sweet Security is at the forefront of using AI and Large Language Models (LLMs) to improve cloud defenses. Fisher shares how AI helps their solution analyze environments, reduce response times, and even assist SOC teams in investigating incidents more effectively.

A Holistic Approach to Cloud Defense

What sets Sweet Security apart is their all-layer defense strategy. Unlike other solutions that focus on either the infrastructure, cloud, or application layer, Sweet covers all three. This comprehensive approach ensures threats can be detected no matter where they originate — from the application layer down to the cloud infrastructure.

Tune in to the full episode to learn more about how runtime detection, non-human identity security, and AI are reshaping the way organizations approach cloud security. The podcast itself is audio-only, but the video of our conversation is also available on YouTube if you prefer:

Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform and share the podcast with your peers and friends.

If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes or wherever you listen.

TechSpective Podcast Episode 137

 

I recently had the pleasure of sitting down with Sven Krasser, Chief Scientist and SVP of AI and R&D at CrowdStrike, to dive into the fascinating ways artificial intelligence (AI) is reshaping the cybersecurity landscape. If you're interested in how AI is empowering defenders while also being a tool for attackers, this episode is a must-listen.

The Evolution of AI in Cybersecurity

AI and machine learning have been crucial components in cybersecurity for years, but with the advent of generative AI, like ChatGPT, the game has changed. According to Sven, generative AI has allowed organizations to accelerate workflows, streamline documentation, and provide intelligence analysts with unprecedented access to large data sets. Tools like CrowdStrike’s Charlotte AI are at the forefront of this transformation, enabling security teams to quickly analyze complex attack graphs and detect emerging threats faster than ever before.

Democratizing Cybersecurity with AI

One of the most exciting aspects of AI discussed in this episode is how it democratizes access to cybersecurity expertise. With tools like Charlotte AI, even junior analysts can operate at higher efficiency levels by interacting with these advanced systems in natural language. This removes the need for deep technical knowledge of complex query languages, making cybersecurity tools accessible to a broader range of users.

The Double-Edged Sword of AI

Of course, with great power comes great responsibility. Sven also discussed the double-edged sword of AI in cybersecurity. While it’s helping defenders stay ahead, it’s also being exploited by attackers. AI is making it easier for bad actors to craft more convincing phishing attacks or find vulnerabilities in systems. However, Sven remains optimistic, noting that AI provides defenders with more significant advantages by enabling them to process vast amounts of data quickly and respond to threats in real-time.

What’s Next?

As AI continues to evolve, CrowdStrike is staying at the cutting edge of innovation. Sven highlighted the importance of security by design in AI platforms, ensuring that systems like Charlotte AI are not only powerful but also safe, secure, and compliant. He’s hopeful about the future, sharing that AI will help defenders stay ahead of the increasingly sophisticated threats posed by cyber adversaries.

If you’re curious about how AI is reshaping cybersecurity and what the future holds, be sure to check out this episode. You’ll walk away with a greater understanding of how AI is empowering defenders and why the future of cybersecurity is one of cautious optimism.

Tune in to the full episode to learn more about the design choices and challenges specific to cybersecurity and best practices for integrating GenAI into security frameworks. The podcast itself is audio-only, but the video of our conversation is also available on YouTube if you prefer:

Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform and share the podcast with your peers and friends.

If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes or wherever you listen.

TechSpective Podcast Episode 136

 

There’s one area that often flies under the radar, yet poses a critical cybersecurity threat to organizations: non-human identities. These programmatic access credentials—like API keys and service accounts—are the invisible lifeblood of today’s automated systems, yet they are also a major vulnerability.

In this episode of the TechSpective Podcast, Itzik Alvas, co-founder and CEO of Entro Security, joins me to delve into the hidden world of non-human identity management. Drawing from his extensive experience, including multiple real-world breaches, Itzik sheds light on why these identities are often overlooked, how they can be exploited, and what organizations can do to protect themselves.

But it’s not just about identifying the problem. Itzik also shares innovative strategies and tools that Entro Security is deploying to help companies get a handle on their non-human identity sprawl, and how these solutions are becoming essential as businesses increasingly rely on automation, AI, and microservices.

Curious about what non-human identities are and why they’re such a big deal? Want to learn how to protect your organization from the hidden dangers lurking in your infrastructure? Tune in to this eye-opening conversation—it’s one you won’t want to miss.

Tune in to the full episode to learn more about how Entro Security and how to solve the challenge of managing secrets and non-human identities. The podcast itself is audio-only, but the video of our conversation is also available on YouTube if you prefer:

Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform and share the podcast with your peers and friends.

If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes or wherever you listen.

TechSpective Podcast Episode 135

 

In the latest episode of the TechSpective Podcast, I had the pleasure of sitting down with Guy Guzner, co-founder and CEO of Savvy Security. With nearly three decades of experience in cybersecurity, Guy shares his insights into the rapidly evolving landscape of digital threats, particularly in the context of SaaS (Software as a Service) applications.

The conversation dives deep into the challenges that modern organizations face as they navigate the complex world of SaaS sprawl. As businesses increasingly rely on SaaS solutions to drive productivity and innovation, the risks associated with identity management and security grow exponentially. Guy explains how identity has become the new perimeter in this cloud-first world, and why traditional security approaches are no longer sufficient to protect sensitive data and critical systems.

One of the key themes of the episode is the balance between security and user experience. Guy and I discuss how security tools can either empower or hinder users, and why it's crucial for security solutions to be both effective and seamless. We also touch on the importance of automation and visibility in managing the sprawling IT environments that are now the norm for many organizations.

If you're interested in the future of cybersecurity and how to stay ahead in a constantly changing threat landscape, this episode is a must-listen. Guy brings a wealth of knowledge to the table, offering practical insights and forward-thinking strategies that will resonate with anyone involved in protecting their organization's digital assets.

Tune in to the full episode to learn more about how Savvy Security is tackling these challenges head-on and what steps you can take to secure your SaaS environment effectively. The podcast itself is audio-only, but the video of our conversation is also available on YouTube if you prefer:

Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform and share the podcast with your peers and friends.

If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes or wherever you listen.

TechSpective Podcast Episode 134

 

There is a lot of talk about identity protection--password policies and best practices, requiring two-factor or multifactor authentication, user credentials exposed in phishing attacks and data breaches, etc. What we don't talk about nearly as often is the fact that human user identities actually make up a relatively small percentage of the total identities for most organizations.

Another thing that is not often acknowledged or discussed is that provisioning a user identity and setting an employee up with a username and password was traditionally more of a pure IT or HR function--not a task that even falls under security. Times have changed, and most organizations recognize that identity security is a crucial foundation for effective cybersecurity, but most also continue to struggle with identity visibility and hygiene.

Silverfort strives to go where identity protection has never gone before. Hed Kovetz, co-founder and CEO of Silverfort, joins me on this episode of the TechSpective Podcast to talk about the challenges organizations face with identity security and share insights on how we need to evolve our approach to identity protection to adapt to the emerging attack surface and threat landscape.

Check out the full episode for more about modern identity protection. We also chat about the impact of AI on identity security--both in how it enables threat actors to accelerate malicious activity and develop more convincing attacks, and the ways it empowers IT security teams to streamline identity protection and improve security. This conversation is packed with valuable insights for anyone looking to enhance their organization’s cybersecurity posture.

The podcast itself is audio-only, but the video of our conversation is also available on YouTube if you prefer:

Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform and share the podcast with your peers and friends.

If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes or wherever you listen.

TechSpective Podcast Episode 133

 

Nick Edwards, Vice President of Product Management at Menlo Security joins me for this insightful episode of the TechSpective Podcast. Nick brings decades of cybersecurity experience to the table, offering a deep dive into the intricacies of enterprise browser security.

If you’re looking to bolster your organization’s cybersecurity posture, this episode is a must-listen.

Key Highlights from the Episode

Nick delves into the fascinating evolution of browsers, from simple consumer tools to essential enterprise applications. With the rise of SaaS and remote work, browsers have become the primary interface for accessing sensitive business data, but their consumer origins mean they are not inherently secure for enterprise use.

Nick highlights the unique vulnerabilities of browsers, which are designed to render and execute code, making them susceptible to a variety of attacks. He explains common threat vectors like HTML smuggling and web-delivered phishing attacks, emphasizing the necessity for robust browser security measures.

One of the most compelling parts of the discussion is Menlo Security’s innovative approach to browser security. Instead of forcing organizations to switch to a new browser, Menlo's solution allows companies to continue using their preferred browsers, such as Chrome or Edge. Menlo’s cloud-based security layer acts on behalf of the endpoint, offering comprehensive security without disrupting the user experience.

Check out the full episode for more about browser security. Nick also discusses the future of workspace security in the context of hybrid work environments. He underscores the importance of consistent security policies across various devices and locations, envisioning a secure future where browsers play a central role in enterprise security strategies. This conversation is packed with valuable insights for anyone looking to enhance their organization's cybersecurity posture.

The podcast itself is audio-only, but the video of our conversation is also available on YouTube if you prefer:

Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform and share the podcast with your peers and friends.

If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes or wherever you listen.

TechSpective Podcast Episode 132

 

The rapid adoption of generative AI technologies like ChatGPT has taken the tech world by storm. Generative AI models and the LLMs (large language models) they rely on are pervasive--and potentially invasive--which highlights the importance of AI safety research, emphasizing the need to accelerate efforts to keep pace with this swift adoption.

Adobe’s Strategic Approach

Gurpartap "GP" Sandhu, the leader of the product security AI and data engineering team at Adobe, joins this episode of the TechSpective Podcast to talk about how Adobe’s approach to AI is both cautious and innovative. GP delves into practical applications of AI within Adobe, such as auto-generating code fixes and scaling threat models using multimodal AI capabilities. These advancements not only improve efficiency but also enhance the overall security infrastructure. The discussion extends to broader societal impacts, including the challenges posed by deep fakes and AI-generated disinformation.

A Dual Mandate: Balancing Risks and Opportunities

GP emphasizes the concept of a dual mandate in AI and security. He explains that while it’s essential to focus on minimizing risks such as data poisoning and prompt injection, it's equally important to leverage AI to enhance security measures. This balanced perspective sets the stage for a deep dive into how Adobe is navigating the complex landscape of AI in cybersecurity.

Encouraging Hands-on Engagement

We also talk about the importance of hands-on experimentation with AI technologies. They encourage listeners to engage directly with AI tools to better understand and contribute to their development. This call to action resonates with tech enthusiasts and professionals alike, emphasizing the collective effort required to navigate the evolving AI landscape.

Check out the full episode for more about AI security and security for AI. GP and I have some interesting back and forth about the potential risks and implications of AI, and finding a balance between being cautious and optimistic.

The podcast itself is audio-only, but the video of our conversation is also available on YouTube if you prefer:

Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform and share the podcast with your peers and friends.

If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes or wherever you listen.

TechSpective Podcast Episode 131

 

Most people--at least, most people in tech--agree at this point that it's not so much that AI will steal your job as it is that AI will augment your job. To the extent that your job itself might be at risk, it's more likely that you would be replaced by someone who is better at using AI than you--not replaced by AI itself.

Experts inside Adobe have been hard at work developing that sort of AI augmentation to streamline security operations. The LLM agent Adobe has developed provides Dynamic Detection Analysis to leverage the strengths of AI to quickly sift through data and identify issues worthy of further scrutiny. John Gillis, a Senior Automation Engineer with Adobe, joins the TechSpective Podcast once again to talk about Dynamic Detection Analysis and the efforts he is part of at Adobe.

Check out the full episode for more about LLM agents and Dynamic Detection Analysis. We also discuss the impact of AI and generative AI on the world around us and the possibility of humans being connected directly to information through a neural link. Spoiler alert: I stress that if Elon Musk has any connection to the technology,  I will just be the Luddite without the neural link connection. I'm not looking to be part of a "Borg" collective of insane conspiracy theories and right-wing propaganda.

The podcast itself is audio-only, but the video of our conversation is also available on YouTube if you prefer:

Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform and share the podcast with your peers and friends.

If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes or wherever you listen.

TechSpective Podcast Episode 130

 

Backing up data has been a fundamental requirement for IT since data began. In the age of ransomware, though, data backups have had a bit of a rollercoaster ride.

When ransomware first emerged, data backups were a saving grace. If your systems were encrypted and knocked offline by ransomware, you could simply restore from backup and carry on. Eventually, though, threat actors figured out how to also seek out any connected backups and encrypt them as well. As organizations adapted, threat actors evolved a new tactic of stealing data before encrypting it and also threatening to leak or sell it--effectively nullifying the ability to simply restore from backup without consequence. However, backing up data is still crucial because even when organizations pay the ransom, there is very good chance they will not be able to restore all data.

Anthony Cusimano, Director of Technical Marketing at Object First joins the podcast to talk about the challenges of categorizing and effectively backing up and protecting data. Object First was created to provide secure, simple, and powerful backup storage with out-of-the-box immutability optimized specifically for Veeam.

Check out the full episode for more about data backup challenges and best practices. We also discuss issues with data hoarding and data pollution, and the impact of artificial intelligence and generative AI on data storage.

The podcast itself is audio-only, but the video of our conversation is also available on YouTube if you prefer:

Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform and share the podcast with your peers and friends.

If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes or wherever you listen.

TechSpective Podcast Episode 129

 

You may not have noticed, but the tech and cybersecurity job market has sort of sucked the past few years. Maybe it's just me. My friend Richard Stiennon, research analyst with IT-Harvest and author of Security Yearbook 2024, joins this episode of the TechSpective Podcast to talk about the upcoming 5th edition of the Security Yearbook, and share his insights on why he thinks that is all about to change.

"Hiring has been frozen for the last 18 months, but my advice is, 'Hang in there.' All hell is gonna break loose," declared Stiennon.

He adds, "I'm convinced that we are entering into an era that will make the dot.com boom seem like a blip. The world of technology is going to impact the entire economy. We're going to be in boom times like none of us have ever experienced."

What, you may ask, is the driving force behind Stiennon's fervent optimism? AI.

Check out the full episode for more about what to expect in Security Yearbook 2024, as well as more about the impact AI and generative AI will have on the world--particularly the world of technology and cybersecurity. We also chat about the dubious reasons that many companies have used to let people go and why it is short-sighted and potentially damaging to a company's brand to eliminate marketing or cut back too far, even when the economy is down.

The podcast itself is audio-only, but the video of our conversation is also available on YouTube if you prefer:

Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform and share the podcast with your peers and friends.

If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes or wherever you listen.