Cloud Security Podcast by Google

Technology Podcasts

Cloud Security Podcast by Google focuses on security in the cloud, delivering security from the cloud, and all things at the intersection of security and cloud. Of course, we will also cover what we are doing in Google Cloud to help keep our users' data safe and workloads secure. We’re going to do our best to avoid security theater, and cut to the heart of real security questions and issues. Expect us to question threat models and ask if something is done for the data subject’s benefit or just for organizational benefit. We hope you’ll join us if you’re interested in where technology overlaps with process and bumps up against organizational design. We’re hoping to attract listeners who are happy to hear conventional wisdom questioned, and who are curious about what lessons we can and can’t keep as the world moves from on-premises computing to cloud computing.

Location:

United States

Language:

English


Episodes

EP202 Beyond Tiered SOCs: Detection as Code and the Rise of Response Engineering

12/9/2024
Guest: Amine Besson, Tech Lead on Detection Engineering, Behemoth Cyberdefence
Topics: SIEMless; SOARful; OpenTIDE 2.0
Resources: Guide your SOC Leaders to More Engineering Wisdom for Detection (Part 9); Hack.lu 2023: TIDeMEC: A Detection Engineering Platform Homegrown At The EC video; OpenTIDE · GitLab; OpenTIDE 1.0 Release blog; SpecterOps blog series ‘on detection’; Does your SOC have NOC DNA? presentation; Kill SOC Toil, Do SOC Eng; tame version; The original ASO paper; Behind the Scenes with Red Canary's Detection Engineering Team; The DFIR Report – Real Intrusions by Real Attackers, The Truth Behind the Intrusion; Site Reliability Engineering (SRE) | Google Cloud

Duration:00:37:09

EP201 Every CTO Should Be a CSTO (Or Else!) - Transformation Lessons from The Hoff

12/2/2024
Guest: Chris Hoff, Chief Secure Technology Officer at LastPass
Topics: simple
Resources: LinkedIn; YouTube; EP189 How Google Does Security Programs at Scale: CISO Insights; EP104 CISO Walks Into the Cloud: And The Magic Starts to Happen!; EP80 CISO Walks Into the Cloud: Frustrations, Successes, Lessons ... And Does the Risk Change?; EP93 CISO Walks Into the Cloud: Frustrations, Successes, Lessons ... And Is My Data Secure?

Duration:00:36:57

EP200 Zero Touch Prod, Security Rings, and Foundational Services: How Google Does Workload Security

11/25/2024
Guest: Michael Czapinski, Security & Reliability Enthusiast, Google
Topics: “How Google protects its production services”; zero touch prod
Resources: “How Google protects its production services”; SLSA framework; EP189 How Google Does Security Programs at Scale: CISO Insights; EP109 How Google Does Vulnerability Management: The Not So Secret Secrets!; EP176 Google on Google Cloud: How Google Secures Its Own Cloud Use; EP75 How We Scale Detection and Response at Google: Automation, Metrics, Toil; SREcon presentation; The SRS book (free access)

Duration:00:27:38

EP199 Your Cloud IAM Top Pet Peeves (and How to Fix Them)

11/18/2024
Guests: Michele Chubirka, Sita Lakshmi Sangameswaran
Topics:
Resources: LinkedIn; YouTube; EP127 Is IAM Really Fun and How to Stay Ahead of the Curve in Cloud IAM?; EP162 IAM in the Cloud: What it Means to Do It 'Right' with Kat Traxler; IAM: There and back again using resource hierarchies; IAM so lost: A guide to identity in Google Cloud; I Hate IAM: but I need it desperately; EP33 Cloud Migrations: Security Perspectives from The Field; EP176 Google on Google Cloud: How Google Secures Its Own Cloud Use; EP177 Cloud Incident Confessions: Top 5 Mistakes Leading to Breaches from Mandiant; EP188 Beyond the Buzzwords: Identity's True Role in Cloud and SaaS Security; “Identity Crisis: The Biggest Prize in Security”; “Learn to love IAM: The most important step in securing your cloud infrastructure”

Duration:00:29:26

EP198 GenAI Security: Unseen Attack Surfaces & AI Pentesting Lessons

11/11/2024
Guests: Ante Gojsalic, SplxAI
Topics:
Resources: EP171 GenAI in the Wrong Hands: Unmasking the Threat of Malicious AI and Defending Against the Dark Side; EP135 AI and Security: The Good, the Bad, and the Magical; EP185 SAIF-powered Collaboration to Secure AI: CoSAI and Why It Matters to You; SAIF.google; Next SAIF presentation with top 5 AI security issues; Our Security of AI Papers and Blogs Explained

Duration:00:27:22

EP197 SIEM (Decoupled or Not), and Security Data Lakes: A Google SecOps Perspective

11/4/2024
Guest: Travis Lanham, Uber Tech Lead (UTL) for Security Operations Engineering, Google Cloud
Topics: three SIEM week; disassembled or decoupled SIEMs; early days of SecOps
Resources: EP139 What is Chronicle? Beyond XDR and into the Next Generation of Security Operations; EP190 Unraveling the Security Data Fabric: Need, Benefits, and Futures; EP184 One Week SIEM Migration: Fact or Fiction?; Hacking Google video series; Decoupled SIEM: Brilliant or …. Not :-); UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion; So, Why Did I Join Chronicle Security?

Duration:00:29:34

EP196 AI+TI: What Happens When Two Intelligences Meet?

10/28/2024
Guest: Vijay Ganti
Topics:
Resources: Google Threat Intel website; “Future of Brain” book; Detection engineering blog (Part 9); Detect engineering blogs David French; The pyramid of pain blog; “Scaling Up Malware Analysis with Gemini 1.5 Flash”; “From Assistant to Analyst: The Power of Gemini 1.5 Pro for Malware Analysis”

Duration:00:28:08

EP195 Containers vs. VMs: The Security Showdown!

10/21/2024
Cross-over hosts: Kaslin Fields, co-host at Kubernetes Podcast; Abdel Sghiouar, co-host at Kubernetes Podcast
Guest: Michele Chubirka, Cloud Security Advocate, Google Cloud
Topics: “what is more secure, container or a virtual machine (VM)?”
Resources: Container Security, with Michele Chubirka; “Kubernetes Podcast from Google”; EP105 Security Architect View: Cloud Migration Successes, Failures and Lessons; EP54 Container Security: The Past or The Future?; DORA 2024 report; Container Security: It’s All About the Supply Chain - Michele Chubirka; Software composition analysis (SCA); DevSecOps Decisioning Principles; Kubernetes CIS Benchmark; Cloud-Native Consumption Principles; State of WebAssembly outside the Browser - Abdel Sghiouar; Why Perfect Compliance Is the Enemy of Good Kubernetes Security - Michele Chubirka - KubeCon NA 2024

Duration:00:41:16

EP194 Deep Dive into ADR - Application Detection and Response

10/14/2024
Guest: Daniel Shechter, Co-Founder and CEO at Miggo Security
Topics:
Resources: EP157 Decoding CDR & CIRA: What Happens When SecOps Meets Cloud; EP143 Cloud Security Remediation: The Biggest Headache?; Miggo research re: vulnerability ALBeast; “WhatDR or What Detection Domain Needs Its Own Tools?”; “Making Sense of the Application Security Product Market”; “Effective Vulnerability Management: Managing Risk in the Vulnerable Digital Ecosystem”

Duration:00:30:55

EP193 Inherited a Cloud? Now What? How Do I Secure It?

10/7/2024
Guests: Taylor Lehmann, Luis Urena
Topics: security teams are brought in after a cloud environment is already established; walk us through
Resources: “Confetti cannons or fire extinguishers? Here’s how to secure cloud surprises”; EP179 Teamwork Under Stress: Expedition Behavior in Cybersecurity Incident Response; IAM Recommender; “TM” book by Adam Shostack; “Checklist Manifesto”; “Moving shields into position: How you can organize security to boost digital transformation”

Duration:00:30:41

EP192 Confidential + AI: Can AI Keep a Secret?

9/30/2024
Guest: Nelly Porter
Topics:
Resources: Video; EP48 Confidentially Speaking 2: Cloudful of Secrets; EP1 Confidentially Speaking; “To securely build AI on Google Cloud, follow these best practices” paper

Duration:00:33:04

EP191 Why Aren't More Defenders Winning? Defender’s Advantage and How to Gain it!

9/23/2024
Guest: Dan Nutting, Manager - Cyber Defense, Google Cloud
Topics: What is the Defender’s Advantage and why did Mandiant decide to put this out there? This is the second edition. What is different about DA-II? Why do so few defenders actually realize their Defender’s Advantage? The book talks about the importance of being "intelligence-led" in cyber defense. Can you elaborate on what this means and how organizations can practically implement this approach? Detection engineering is presented as a continuous cycle of adaptation. How can organizations ensure their detection capabilities remain effective and avoid fatigue in their SOC? Many organizations don’t seem to want to make detections at all, what do we tell them? What is this thing called “Mission Control” - it sounds really cool, can you explain it?
Resources: Defender’s Advantage book; The Defender's Advantage: Using Artificial Intelligence in Cyber Defense supplemental paper; “Threat-informed Defense Is Hard, So We Are Still Not Doing It!” blog; Mandiant blog

Duration:00:23:36

EP190 Unraveling the Security Data Fabric: Need, Benefits, and Futures

9/16/2024
Guest: Josh Liburdi
Topics: federated security data search
Resources: BSidesSF 2024 - Reinventing ETL for Detection and Response Teams (Josh Liburdi); “How to Build Your Own Security Data Pipeline (and why you shouldn’t!)”; “Decoupled SIEM: Brilliant or Stupid?”; “Security Correlation Then and Now: A Sad Truth About SIEM”; #1 popular post; “Log Centralization: The End Is Nigh?”; “20 Years of SIEM: Celebrating My Dubious Anniversary”; “Navigating the data current: Exploring Cribl.Cloud analytics and customer insights”; OCSF

Duration:00:30:00

EP189 How Google Does Security Programs at Scale: CISO Insights

9/9/2024
Guest: Royal Hansen, CISO, Alphabet
Topics: What were you thinking before you took that “Google CISO” job? Google's infrastructure is vast and complex, yet also modern. How does this influence the design and implementation of your security programs compared to other organizations? Are there any specific challenges or advantages that arise from operating at such a massive scale? What has been most surprising about Google’s internal security culture that you wish you could export to the world at large? What have you learned about scaling teams in the Google context? How do you design effective metrics for your teams and programs? So, yes, AI. Every organization is trying to weigh the risks and benefits of generative AI–do you have advice for the world at large based on how we’ve done this here?
Resources: EP75 How We Scale Detection and Response at Google: Automation, Metrics, Toil; CISA Secure by Design; EP20 Security Operations, Reliability, and Securing Google with Heather Adkins; EP91 “Hacking Google”, Op Aurora and Insider Threat at Google; “Delivering Security at Scale: From Artisanal to Industrial”; SRE book: Chapter 5: Toil Elimination; SRS book: Security as an Emergent Property; What are Security Invariants?; EP185 SAIF-powered Collaboration to Secure AI: CoSAI and Why It Matters to You; “Against the Gods - Remarkable Story of Risk” book

Duration:00:30:23

EP188 Beyond the Buzzwords: Identity's True Role in Cloud and SaaS Security

9/2/2024
Guest: Dor Fledel, Founder and CEO of Spera Security, now Sr Director of Product Management at Okta
Topics: We say “identity is the new perimeter,” but I think there’s a lot of nuance to it. Why and how does it matter specifically in cloud and SaaS security? How do you do IAM right in the cloud? Help us with the acronym soup - ITDR, CIEM also ISPM (ITSPM?), why are new products needed? What were the most important challenges you found users were struggling with when it comes to identity management? What advice do you have for organizations with considerable identity management debt? How should they start paying that down and get to a better place? Also: what is “identity management debt”? Can you answer this from both a technical and organizational change management perspective? It’s one thing to monitor how User identities, Service accounts and API keys are used, it’s another to monitor how they’re set up. When you were designing your startup, how did you pick which side of that coin to focus on first? What’s your advice for other founders thinking about the journey from zero to 1 and the journey from independent to acquisition?
Resources: EP162 IAM in the Cloud: What it Means to Do It 'Right' with Kat Traxler; EP127 Is IAM Really Fun and How to Stay Ahead of the Curve in Cloud IAM?; EP166 Workload Identity, Zero Trust and SPIFFE (Also Turtles!); EP182 ITDR: The Missing Piece in Your Security Puzzle or Yet Another Tool to Buy?; “Secrets of power negotiating” book

Duration:00:29:28

EP187 Conquering SOC Challenges: Leadership, Burnout, and the SIEM Evolution

8/26/2024
Guest: Nicole Beckwith, Sr. Security Engineering Manager, Threat Operations @ Kroger
Topics: What are the most important qualities of a successful SOC leader today? What is your approach to building and maintaining a high-functioning SOC team? How do you approach burnout in a SOC team? What are some of the biggest challenges facing SOC teams today? Can you share some specific examples of how you have built and - probably more importantly! - maintained a high-functioning SOC team? What are your thoughts on the current state of SIEM technology? Still a core of SOC or not? What advice would you give to someone who inherited a SOC? What should his/her 7/30/90 day plan include?
Resources: EP180 SOC Crossroads: Optimization vs Transformation - Two Paths for Security Operations Center; EP181 Detection Engineering Deep Dive: From Career Paths to Scaling SOC Teams; EP58 SOC is Not Dead: How to Grow and Develop Your SOC for Cloud and Beyond; EP64 Security Operations Center: The People Side and How to Do it Right; EP73 Your SOC Is Dead? Evolve to Output-driven Detect and Respond!; EP26 SOC in a Large, Complex and Evolving Organization; “The first 90 days”

Duration:00:29:41

EP186 Cloud Security Tools: Trust the Cloud Provider or Go Third-Party? An Epic Debate, Anton vs Tim

8/19/2024
Guests: A debate between Tim and Anton, no guests
Debate positions: You must buy the majority of cloud security tools from a cloud provider, here is why. You must buy the majority of cloud security tools from a 3rd party security vendor, here is why.
Resources: EP74 Who Will Solve Cloud Security: A View from Google Investment Side; EP22 Securing Multi-Cloud from a CISO Perspective, Part 3; EP176 Google on Google Cloud: How Google Secures Its Own Cloud Use; “The cloud trust paradox: To trust cloud computing more, you need the ability to trust it less” blog; “Snowcrash” book; VMTD

Duration:00:27:18

EP185 SAIF-powered Collaboration to Secure AI: CoSAI and Why It Matters to You

8/12/2024
Guest: David LaBianca, Senior Engineering Director, Google
Topics: The universe of AI risks is broad and deep. We’ve made a lot of headway with our SAIF framework: can you give us a) a 90 second tour of SAIF and b) share how it’s gotten so much traction and c) talk about where we go next with it? The Coalition for Secure AI (CoSAI) is a collaborative effort to address AI security challenges. What are Google's specific goals and expectations for CoSAI, and how will its success be measured in the long term? Something we love about CoSAI is that we involved some unexpected folks, notably Microsoft and OpenAI. How did that come about? How do we plan to work with existing organizations, such as Frontier Model Forum (FMF) and Open Source Security Foundation (OpenSSF)? Does this also complement emerging AI security standards? AI is moving quickly. How do we intend to keep up with the pace of change when it comes to emerging threat techniques and actors in the landscape? What do we expect to see out of CoSAI work and when? What should people be looking forward to and what are you most looking forward to releasing from the group? We have proposed projects for CoSAI, including developing a defender's framework and addressing software supply chain security for AI systems. How can others use them? In other words, if I am a mid-sized bank CISO, do I care? How do I benefit from it? An off-the-cuff question, how to do AI governance well?
Resources: CoSAI site, CoSAI 3 projects; SAIF main site; Gen AI governance: 10 tips to level up your AI program; “Securing AI: Similar or Different?” paper; Our Security of AI Papers and Blogs Explained

Duration:00:24:27

EP184 One Week SIEM Migration: Fact or Fiction?

8/5/2024
Guest: Manan Doshi
Questions:
Resources: Google Cloud Security Summit; “Etsy and the art of SIEM Migration”; “Ancillary Justice”; StreamAlert; spicy version; vanilla version; long detailed version; Can We Have “Detection as Code”?; Google SecOps; EP117 Can a Small Team Adopt an Engineering-Centric Approach to Cybersecurity?

Duration:00:24:45

EP183 Cloud Security Journeys: Improve, Evolve, Transform with Cloud Customers

7/29/2024
Guests: Jaffa Edwards, Senior Security Manager @ Google Cloud; Lyka Segura, Cloud Security Engineer @ Google Cloud
Topics: Security transformation is hard, do you have any secret tricks or methods that actually make it happen? Can you share a story about a time when you helped a customer transform their cloud security posture? Not just improve, but actually transform! What is your process for understanding their needs and developing a security solution that is tailored to them? What to do if a customer does not want to share what is necessary or does not know themselves? What are some of the most common security mistakes that you see organizations make when they move to the cloud? What about the customers who insist on practicing in the cloud the same way they did on-premise? What do you tell the organizations that insist that “cloud is just somebody else’s computer” and they insist on doing security the old-fashioned way? What advice would you give to organizations that are just starting out on their cloud security journey? What are the first three cloud security steps you recommend that work for a cloud environment they inherited?
References: EP86 How to Apply Lessons from Virtualization Transition to Make Cloud Transformation Better; For a successful cloud transformation, change your culture first; Building security guardrails for developers with Google Cloud; Google Cloud Consulting

Duration:00:30:15