Look for any podcast host, guest or anyone
Showing episodes and shows of

Anton Chuvakin

Shows

Cloud Security Podcast by GoogleCloud Security Podcast by GoogleEP223 AI Addressable, Not AI Solvable: Reflections from RSA 2025Guests:  no guests, just us in the studio Topics: At RSA 2025, did we see solid, measurably better outcomes from AI use in security, or mostly just "sizzle" and good ideas with potential? Are the promises of an "AI SOC" repeating the mistakes seen with SOAR in previous years regarding fully automated security operations? Does "AI SOC" work according to RSA floor? How realistic is the vision expressed by some [yes, really!] that AI progress could lead to technical teams, including IT and security, shrinking dramatically or even to zero in a few years? Why do companies c...2025-05-0531 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP221 Special - Semi-Live from Google Cloud Next 2025: AI, Agents, Security ... Cloud?Guests: No guests [Tim in Vegas and Anton remote] Topics: So, another Next is done. Beyond the usual Vegas chaos, what was the overarching security theme or vibe you [Tim] felt dominated the conference this year? Thinking back to Next '24, what felt genuinely different this year versus just the next iteration of last year's trends? Last year, we pondered the 'Cloud Island' vs. 'Cloud Peninsula'. Based on Next 2025, is cloud security becoming more integrated with general cyber security, or is it still its own distinct domain? What wider trends did you observe, perhaps from the...2025-04-2330 minBreakpoint Security PodcastBreakpoint Security Podcast#S03EP10 SOC - Beyond Automation | Dr. Anton ChuvakinIn this episode of the Breakpoint Security Podcast, we dive into the evolving world of Security Operations Centers (SOC) with Dr. Anton Chuvakin, Security Advisor at the Office of the CISO, Google Cloud.Key discussion points include:Event Correlation: Exploring the automation of correlating security events in real-time and at scale. When should we rely on automation, and where does human expertise still play a vital role?Threat Detection & Response: A deep dive into machine learning (ML) and behavior-based analytics for threat detection, including insider threats and the...2024-12-1444 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP186 Cloud Security Tools: Trust the Cloud Provider or Go Third-Party? An Epic Debate, Anton vs TimGuests: A debate between Tim and Anton, no guests Debate positions: You must buy the majority of cloud security tools from a cloud provider, here is why. You must buy the majority of cloud security tools from a 3rd party security vendor, here is why. Resources: EP74 Who Will Solve Cloud Security: A View from Google Investment Side EP22 Securing Multi-Cloud from a CISO Perspective, Part 3 EP176 Google on Google Cloud: How Google Secures Its Own Cloud Use “The cloud trust pa...2024-08-1927 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP178 Meet Brandon Wood: The Human Side of Threat Intelligence: From Bad IP to Trafficking BustsGuest: Brandon Wood, Product Manager for Google Threat Intelligence Topics: Threat intelligence is one of those terms that means different things to everyone–can you tell us what this term has meant in the different contexts of your career?  What do you tell people who assume that “TI = lists of bad IPs”? We heard while prepping for this show that you were involved in breaking up a human trafficking ring: tell us about that! In Anton’s experience, a lot  of cyber TI is stuck in “1. Get more TI 2. ??? 3. Profit!” How...2024-06-2432 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP166 Workload Identity, Zero Trust and SPIFFE (Also Turtles!)Guests: Evan Gilman, co-founder CEO of Spirl Eli Nesterov, co-founder CTO of Spril Topics: Today we have IAM,  zero trust and security made easy. With that intro, could you give us the 30 second version of what a workload identity is and why people need them?  What’s so spiffy about SPIFFE anyway?  What’s different between this and micro segmentation of your network–why is one better or worse?  You call your book “solving the bottom turtle” could you tell us what that means? What are th...2024-04-0130 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP164 Quantum Computing: Understanding the (very serious) Threat and Post-Quantum CryptographyGuest: Jennifer Fernick, Senor Staff Security Engineer and UTL, Google Topics: Since one of us (!) doesn't have a PhD in quantum mechanics, could you explain what a quantum computer is and how do we know they are on a credible path towards being real threats to cryptography? How soon do we need to worry about this one? We’ve heard that quantum computers are more of a threat to asymmetric/public key crypto than symmetric crypto. First off, why? And second, what does this difference mean for defenders? Why (ho...2024-03-1831 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP153 Kevin Mandia on Cloud Breaches: New Threat Actors, Old Mistakes, and Lessons for AllGuest: Kevin Mandia, CEO at Mandiant, part of Google Cloud Topics: When you look back, what were the most surprising cloud breaches in 2023, and what can we learn from them? How were they different from the “old world” of on-prem breaches?  For a long time it’s felt like incident response has been an on-prem specialization, and that adversaries are primarily focused on compromising on-prem infrastructure. Who are we seeing go after cloud environments? The same threat actors or not? Could you share a bit about the mistakes and risks t...2023-12-1828 minDetection at ScaleDetection at ScaleGoogle Cloud’s Anton Chuvakin on Decoupled SIEMs and the Future of Data Platforms and SecurityOn this week's episode of the Detection at Scale podcast, Jack talks with Dr. Anton Chuvakin, Senior Security Staff at the Office of the CISO at Google Cloud. They dig deeper into the conversation taking place online around decoupled SIEMs, which both Jack and Anton wrote about. They discuss what a decoupled SIEM is, the evolution of data platforms and security capabilities, if decoupled SIEMs will work broadly with current customer demands, and if having backend data lakes is the best solution for fast, real-time querying. Topics discussed: What is a decoupled SIEM, and why the...2023-11-2845 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP142 Cloud Security Podcast Ask Me Anything #AMA 2023Host: Stephanie Wong, Product Manager, Google Cloud Guests (yes, really, we are the guests!): Anton Chuvakin Tim Peacock Topics: Could you tell us how you ended up in security? What was the moment you realized that Cloud security was different from well, regular, security?   Anton is always asking this “3AM test”, where did that come from? How do you source topics for the podcast? What advice would you give to folks who are interested in getting into security? … a...2023-10-0932 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP137 Next 2023 Special: Conference Recap - AI, Cloud, Security, Magical Hallway ConversationsGuests:  no guests, all banter, all very fun :-) Topics: How is Google Next this year? What is new in cloud security? Is Google finally a security vendor? What are some of the fun security presentations we've seen, including our own? Any impactful launches in security? What was the most interesting overall? Resources: “Next 2023 Special: Building AI-powered Security Tools - How Do We Do It?” (ep136) “RSA 2023 - What We Saw, What We Learned, and What We're Excited About” (ep119)2023-09-0523 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP132 Chaos Engineering for Security: How to Improve Software Resilience with Kelly ShortridgeGuest: Kelly Shortridge, Senior Principal Engineer in the Office of the CTO at Fastly Topics:  So what is Security Chaos Engineering? “Chapter 5. Operating and Observing” is Anton’s favorite. One thing that mystifies me, however, is that you outline how to fail with alerts (send too many), but it is not entirely clear how to practically succeed with them? How does chaos engineering help security alerting / detection? How chaos engineering (or is it really about software resilience?)  intersects with Cloud security - is this peanut butter and chocolate or more lik...2023-07-3136 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP130 Cloud is Secure: Are you Using It Securely - True or False?Guest:  Steve Riley, Field CTO, Netskope, ex-Gartner Research VP Topics: Analysts (well, like Steve and Anton in the past?) say that “cloud is secure, but clients just aren’t using it securely”, what is your reaction to this today? When clients hear “use cloud securely”, what do you think comes to their minds? How would you approach planning for secure use of the cloud or using cloud securely? What is your view of cloud defense in depth (DiD) or layered defenses? How do you suggest clients think about it? What about DiD for SaaS? What are your though...2023-07-1734 minDetection at ScaleDetection at ScaleGoogle’s Anton Chuvakin and Timothy Peacock on How to Take Your D&R Efforts from 0 to 1 — or 5, or 100On this week's episode of the Detection at Scale podcast, Jack talks with Anton Chuvakin, Security Advisor at the Office of the CISO at Google Cloud, and Timothy Peacock, Senior Product Manager at Google. Together, they discuss some of the needs and trends in cybersecurity today, including how to know what level of D&R your organization needs, the use cases for AI today, and how LLMs and SIEMs will handle data at scale. They also talk about the need for more creative solutions to misconfiguration management, three things security practitioners can do to improve cloud security, and why...2023-07-0544 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP122 Firewalls in the Cloud: How to Implement Trust Boundaries for Access ControlGuest: Michele Chubirka, Senior Cloud Security Advocate, Google Cloud Topics: So, if somebody wakes you up at 3AM (“Anton’s 3AM test”) and asks “Do we need firewalls in the cloud?” what would you say? Firewalls (=virtual appliances in the cloud or routing cloud traffic through physical firewalls) vs firewalling (=controlling network access) in the cloud, do they match the cloud-native realities? How do you implement trust boundaries for access control with cloud-native options? Can you imagine a modern cloud native security architecture that includes a firewall?2023-05-2234 minThe Cybersecurity Defenders PodcastThe Cybersecurity Defenders Podcast#30 - A conversation on the history of security tooling with Dr. Anton Chuvakin, Security Advisor at Office of the CISO, Google CloudOn this episode of the Cybersecurity Defenders podcast we have a conversation around the history of security tooling with Dr. Anton Chuvakin, Security Advisor at Office of the CISO, Google Cloud.Dr. Anton Chuvakin is currently involved with security solution strategy at Google Cloud, where he arrived via Chronicle Security (an Alphabet company) acquisition in July 2019. He is also a co-host of Cloud Security Podcast http://www.twitter.com/CloudSecPodcastUntil June 2019, Dr. Anton Chuvakin was a Research VP and Distinguished Analyst at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies (SRMS) team...2023-05-0229 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP110 Detection and Response in a High Velocity and High Complexity EnvironmentGuest:  David Seidman, Head of Detection and Response @ Robinhood Toipics: Tell us about joining Robinhood and prioritizing focus areas for detection in your environment? Tim and Anton argue a lot about what kind of detection is best - fully bespoke and homemade, or scalable off-the-shelf. First, does our framework here make sense, and second, looking at your suite of detection capabilities, how have you chosen to prioritize detection development and detection triage? You're operating in AWS: there are a lot of vendors doing detection in AWS, including AWS themselves. H...2023-02-2727 minHumans of InfoSecHumans of InfoSecEpisode 76: Exploring Security in the Past, Present, and Future with Anton ChuvakinSecurity Advisor at Office of the CISO and Co-Host of Google's Cloud Security Podcast, Dr. Anton Chuvakin, chats with Caroline about the past, present and future: how a hacked computer shifted his interest from physics to security, how threats from the 80s still plague orgaizations, and how cybersecurity will continue to spill out of the digital realm into the physical world. Some helpful links on things mentioned in the episode: Anton's security predictions back in 2010: https://chuvakin.blogspot.com/2010/01/security-predictions-2020.html A review on those predictions 10 years later: https://medium.com/anton-on-security/checking-my-2010-security-predictions-in-2020-932f6233a731 Related episodes from...2022-12-0124 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP98 How to Cloud IR or Why Attackers Become Cloud Native Faster?Guests: Matt Linton, Chaos Specialist @ Google John Stone, Chaos Coordinator @ Office of the CISO, Google Cloud Topics: Let’s talk about security incident response in the cloud.  Back in 2014 when I [Anton] first touched on this, the #1 challenge was getting the data to investigate as cloud providers had few logs available. What are the top 2022 cloud incident response challenges? Does cloud change the definition of a security incident? Is “exposed storage bucket” an incident? Is vulnerability an incident in the cloud? What should I have in my incident response plans for the cloud? Should I have a separ...2022-11-2126 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP94 Meet Cloud Security Acronyms with Anna BelakGuest:  Dr Anna Belak, Director of Thought Leadership at Sysdig, former Gartner analyst Questions: Analysts (and vendors) coined a log of “C-something acronyms” for cloud security, and two of the people on this episode were directly involved in some of them. What do you make of all the cloud security acronym proliferation? What is CSPM? What gets better when you deploy it? What is CWPP? Does anything get better when you deploy it? What is CNAPP? What gets better when you deploy it? What is CIEM, Anton’s least fave acronym? Now, what about CDR?  Resource...2022-10-3127 minCloud AceCloud AceAnton Chuvakin: Remapping Mental Models in IT, Security, and Compliance for the CloudDr. Anton Chuvakin and Brandon Evans discuss why some organizations desperately try to follow the on-premises blueprint when securing the cloud, how to prevent Compliance from getting in the way of the evolution of IT Security, and what Anton is doing at Google Cloud to deal with the Shared Responsibility Model breaking in the real world.Our Guest - Dr. Anton ChuvakinDr. Anton Chuvakin is now involved with security solution strategy at Google Cloud, where he arrived via Chronicle Security (an Alphabet company) acquisition in July 2019.Anton was, until...2022-10-0549 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP82 Mega-confused by XDR? You Are Not Alone! This XDR Skeptic Clarifies!Guest: Dimitri McKay,  Principal Security Strategist @ Splunk Topics: How do you define that "XDR thing" that you are so skeptical about? So within that definition of XDR, you think it’s not so great, why? If you have to argue pro-XDR, what would you say? Two main XDR camps are “XDR as EDR+” and “XDR as SIEM-”, which camp do you think is more right? Are both wrong? What approach do you think is more useful as a lens to understand the potential upsides/downsides of XDR? What about the cloud? "Cloud XDR" seems a bit illogical...2022-09-0528 minScreaming in the CloudScreaming in the CloudCloud Security and Cost with Anton ChuvakinAbout AntonDr. Anton Chuvakin is now involved with security solution strategy at Google Cloud, where he arrived via Chronicle Security (an Alphabet company) acquisition in July 2019.Anton was, until recently, a Research Vice President and Distinguished Analyst at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies team. (see chuvakin.org for more)Links Referenced:Google Cloud: https://cloud.google.com/Cloud Security Podcast: https://cloud.withgoogle.com/cloudsecurity/podcast/Twitter: https://twitter.com/anton_chuvakinMedium blog: https://medium.com/@anton.chuvakin2022-08-0235 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP70 RSA 2022 Reflections - Securing the Past vs Securing the FutureGuests: none Topics: What have we seen at the RSA 2022 Conference? What was the most interesting and unexpected? What was missing? Resources: “RSA 2022 Musings: The Past and The Future of Security” Google Cloud Security at RSA 2022 2022-06-1622 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP69 Cloud Threats and How to Observe ThemGuest: James Condon,  Director of Security Research @  Lacework  Topics: What are realistic and actually observed cloud threats today? How did you observe them at Lacework? Cloud threats: are they on-premise  style threats to cloud assets? We hate the line “cloud is just somebody else’s computer” but apparently threats actors seem to think so? What is the 2nd most dangerous cloud issue after configuration mistakes? Why is it so common for organizations to have insecure configurations in their cloud environments?  Give me a few examples of the most common mistakes organizations make, and what they can do to avoid...2022-06-1329 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP68 How We Attack AI? Learn More at Our RSA Panel!Guest:  Nicholas Carlini, Research Scientist @ Google  Topics: What is your threat model for a large-scale AI system? How do you approach this problem? How do you rank the attacks? How do you judge if an attack is something to mitigate? How do you separate realistic from theoretical? Are there AI threats that were theoretical in 2020, but may become a daily occurrence in 2025? What are the threat-derived lessons for securing AI? Do we practice the same or different approaches for secure AI and reliable AI? How does relative lack of transparency in AI helps (or hurts?) attackers an...2022-06-0628 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP67 Cyber Defense Matrix and Does Cloud Security Have to DIE to Win?Guest:  Sounil Yu, CISO and Head of Research at JupiterOne Topics: How does your Cyber Defense Matrix apply to cloud security? Are things easier or harder? Cloud (at least the cloudy-cloud, also called cloud native) definitely supports “Distributed Immutable Ephemeral” (DIE) - your new creation, how does that change security and CDM? Cyber resilience generates a lot of confusion, how do you define and describe it?  BTW, is the cloud more or less cyber resilient based on your definition? Is invisible security a good thing? Can we ever have it? When should security be visible? Intuitively, securi...2022-05-3125 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP66 Is This Binary Legit? How Google Uses Binary Authorization and Code ProvenanceGuest: Sandra Guo, Product Manager in Security, Google Cloud Topics: We have a really interesting problem here: if we make great investments in our use of trusted repositories, and great investments in doing code review on every change, and securing our build systems, and having reproducible builds, how do we know that all of what we did upstream is actually what gets deployed to production? What are the realistic threats that Binary Authorization handles? Are there specific organizations that are more at risk from those? What’s the Google inspiration for this work, both development and ad...2022-05-2324 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP65 Is Your Healthcare Security Healthy? Mandiant Incident Response InsightsGuests: Charles Carmakal, CTO at Mandiant  Taylor Lehmann, Director at Office of the CISO, Google Cloud Topics: What are the current “popular” incidents at healthcare providers that you handled? Any of them involve cloud?  Do healthcare CISOs have time for anything other than ransomware? Does insider threat matter? What can incident response teach us here? How do you think the threat actors benefit from the health data they steal?  Based on your IR experience, what are the more interesting ways in, other than phishing? Give us your IR-informed take on ransomware pay/not pay focused on healthc...2022-05-1628 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP64 Security Operations Center: The People Side and How to Do it RightGuest: Dave Herrald @ Principal Security Strategist, Google Cloud Topics: What are some tenets of good SOC training? How does this depend on the SOC model (traditional L1/L2/L3, virtual, etc)? How do you make SOC training realistic? Should training be about the toolset or should it be about the analyst’s skills? Should you primarily train for engineering skills or analysis skills? Do you need to code to succeed in a modern SOC? Are competitive events like CTFs effective for SOC training? What role does SOC training play in bringing new, perhaps under-represented people into security operations an...2022-05-0929 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP63 State of Autonomic Security Operations: Are There Sharks in Your SOC?Guests: Robert Herjavec, Founder and CEO of Herjavec Group Eric Foster, President of CYDERES  Iman Ghanizada, Global Head of Autonomic Security Operations at Google Cloud. Topics: It’s been a few months since we launched Autonomic Security Operations (ASO) and it seems like the whitepaper has been going viral in the industry. Tell us what ASO is about? How was the ASO story received by your customers? Any particular reactions? Will the ASO narrative inspire the next generation of practitioners? Where do you envision the market headed? ASO is about transforming the SOC, and that often inv...2022-05-0234 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP62 Protect Modern Applications in the Cloud: Union of APIs and Application SecurityGuest: Etienne De Burgh, Senior Security and Compliance Specialist, Office of the CISO @ Google Cloud Topics: Why is API security hot now? What happened that made it a priority for many?  Is API security different from application security? Doesn't the first "A" in API  stand for application?  What are the real threats to exposed APIs? APIs are designed for automated use, so how do you tell automated use from automated abuse / attack? What are the biggest challenges that companies are having with API security? What are the components of API security? Is there a “secure by defau...2022-04-2527 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP61 Anniversary Episode - What Did We Learn So Far on Cloud Security Podcast?No guests - just Anton and Tim Topics: Why cloud security? What do we really think about our podcast name and topic, cloud security? Can you once again explain security for the cloud, in the cloud, from the cloud? What is one thing that we learned from doing a podcast? Favorite cloud security trend that we encountered on the podcast?  What did we learn about security from organization's migrating to the cloud? What are our favorite reading materials related to cloud security? What are our favorite tips from the guests on securing the cloud? Resources:2022-04-1826 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP60 Impersonating Service Accounts in GCP and Beyond: Cloud Security Is About IAM?Guest:  Dylan Ayrey, cofounder of Truffle Security Topics: Could you explain briefly why identity is so important in the cloud? A skeptic on cloud security once told us that “in the cloud, we are one identity mistake from a breach.” Is this true? For listeners who aren’t familiar with GCP, could you give us the 30 second story on “what is a service account.” How is it different from a regular IAM account? What are service account impersonations? How can I see if my service accounts can be impersonated? How do I detect it? How can I better se...2022-04-1130 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP59 Zero Trust: So Easy Even a Government Can Do It?Guest:  Sharon Goldberg, CEO and cofounder of BastionZero and a professor at Boston University Topics: What is your favorite definition of zero trust? You had posted a blog analyzing the whitehouse ZT a memo on the federal government’s transition to “zero trust”,  what caught your eye about the Zero Trust memo and why did you decide to write about it? What’s behind the federal government’s recommendations to deprecate VPNs and recommend users “authenticate to applications, not networks”? What do these recommendations mean for cloud security, today and in the future? What do you think would be t...2022-04-0427 minCISO Tradecraft®CISO Tradecraft®#72 - Logging In with SIEMs (with Anton Chuvakin)On this episode of CISO Tradecraft, Anton Chuvakin talks about Logging, Security Information & Event Management (SIEM) tooling, and Cloud Security.  Anton share’s fantastic points of view on: How moving to the cloud is like moving to a space station (13:44) How you may be one IAM mistake away from a breach (20:05) How a SIEM is a logging based approach, whereas EDRs require agents at endpoints.  This becomes really interesting when cloud solutions don’t have an endpoint to install an agent (26:53) Why you don’t want an on premises SIEM (32:35) The 3 AM Test - Should you wake someone up for t...2022-04-0448 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP0 New Audio Trailer: Cloud Security Podcast by GoogleNew Audio Trailer: Cloud Security Podcast by Google2022-03-2801 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP58 SOC is Not Dead: How to Grow and Develop Your SOC for Cloud and BeyondGuests:  Alexi Wiemer,  Senior Manager at Deloitte Cyber Detection and Response Practice Dan Lauritzen,  Senior Manager at Deloitte Cloud Security Practice. Topics: What is your key learning about the state of SOC today? What one SOC trend are you hearing the most or most interested in?  What is your best advice to SOCs that are permanently and woefully understaffed?  Many SOC analysts are drowning in manual work, and it is easy to give advice that “they   need to automate.” What does this actually entail, in real life? What is, in your view, the most critical t...2022-03-2828 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP57 Stop Zero Days, Save the World: Project Zero's Maddie Stone SpeaksGuest: Maddie Stone, Security Researcher @ Google Topics: How do we judge the real risk of being attacked using an exploit for a zero day vulnerability? Does the zero day risk vary by company, industry, etc?  What does pricing for zero days tell us, if anything? Are prices more driven by supply or demand these days? What security controls or defenses are useful against zero days including against chained zero days? Where are the cloud zero days? We get lots of attention on iOS and Android, what about the cloud platforms?  So, how do we solve the pa...2022-03-2125 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP56 Rebuilding vs Forklifting and How to Secure a Data Warehouse in the CloudGuest:  Erlander Lo, Security and Compliance Specialist @ Google Cloud Topics: Imagine you are planning a data warehouse in the cloud, how do you think about security? What are the expected threats to a large data store in the cloud? How to create your security approach for a data warehouse project? Are there regulations that force your decisions about security controls or  approaches, no matter what the threats are? How do you approach data governance for this project? What controls are there to implement in Google Cloud for a secure data warehouse effort? Resources: Secure Da...2022-03-1425 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP55 The Magic of Cloud Migration: Learn Security Lessons from the FieldGuests: Brandie Anderson, Global Security Practice Lead @ Google Cloud Renzo Cuadros,  Regional Security Practice Lead @ Google Cloud Topics: What are your Cloud migration security lessons? Greatest hits? Near misses? What are the most common cloud security mistakes you see? Any practices or tricks to avoid or mitigate them? How do you talk people out of security “lift and shift”? Do clients understand how threat models change when they migrate to the cloud? How clients typically handle compliance in the cloud? What regulations are the most challenging in the cloud? What is the future for cloud migration secur...2022-03-0726 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP54 Container Security: The Past or The Future?Guest:  Anna Belak,  Director of Thought Leadership @ Sysdig Topics: One model for container security is “Infrastructure security  | build security | runtime security” -  which is most important to get right? Which is hardest to get right?  How are you helping users get their infrastructure security right, and what do they get wrong most often here? Your report states that “3⁄4 of running containers have at least one "high" or "critical" vulnerability“ and it  sounds like pre-cloud IT, but this is about containers?  This was very true  before cloud, why is this still true in cloud native?  Aren’t containers easy to “p...2022-02-2824 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP53 Seven Years of SOAR: What's Next?Guest:  Amos Stern, CEO of SIEMplify, now part of Google Cloud Topics: SOAR is in the news again,  so what can we say about the state of SOAR in 2022? What have we learned trying to get SOAR adopted 2015-2022 (that’s 7 years of SOAR-ing for you)? What are the top playbooks to start your SOC automation using SOAR?  What about the links between SOAR as security automation and general IT automation?  Does the level of consolidation in this market mean that SOAR really is a feature of SIEMs and not a product in its own right? Reso...2022-02-2223 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP52 Securing AI with DeepMind CISOGuest: Vijay Bolina, CISO at DeepMind Topics: We spend a lot of time on Artificial Intelligence (AI) safety, but what about security?  What are some of the useful frameworks for thinking about AI security? What is different about securing AI vs securing another data-intensive, complex, enterprise application? What do we know about threat modeling for AI applications? What attacks against AI systems do we expect to see first in real life? What issues with AI security should we expect to face in 3-5 years? Resources: DeepMind Learning Resources DEFCON AI Village and videos CAMLIS  2022-02-1422 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP51 Policy Intelligence: More Fun and Useful than it Sounds!Guest:  Vandy Ramadurai, Product Manager at Google Cloud Topics: What is Cloud Organization Policy, and how is it different from IaC and Policy as code (PaC)? What does successful organization policy design look like from a business and human standpoint? From a technical standpoint? Granular policy work is always hard. How is Google helping users get org policy right?  What are the uniquely Google strengths here?  Is the AI involved real or is this marketing pixie dust AI? How do users know if something should be a proactive control like a guardrail or if something should be a...2022-02-0724 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP50 The Epic Battle: Machine Learning vs Millions of Malicious DocumentsGuest: Elie Bursztein, security, anti-abuse and privacy researcher @ Google Topics: This episode draws on a talk available in the podcast materials. Could you summarize the gist of your talk for the audience? What makes the malicious document problem a good candidate for machine learning (ML)? Could you have used rules? “Millions of documents in milliseconds,” not sure how to even parse it - what is involved in making it work? Can you explain to the listeners the motivation for reanalyzing old samples, what ground truth means in ML/detection engineering, and how you are using this tech...2022-01-3130 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP49 Lifesaving Tradeoffs: CISO Considerations in moving Healthcare to CloudGuest: Taylor Lehmann, Director at the Office of the  CISO @ Google Cloud, member of Cybersecurity Action Team Topics: What’s top of mind for healthcare organizations’ CISOs now? What common advice do you find yourself giving most often to security leaders in healthcare? Is there a list of top 3 items or is this all “it depends”? What regulations are shaping the healthcare industry and its adoption of new technology? HIPAA is from 1996, how does it work for the cloud in the 2020s? Why do you think we aren’t seeing more cloud ransomware? Healthcare orgs are sometimes s...2022-01-2427 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP48 Confidentially Speaking 2: Cloudful of SecretsGuest: Nelly Porter, Group Product Manager @ Google Cloud Topics In the past year, what has changed with Confidential Computing here at Google? Could we please talk about a user or two who has really nailed it with our Confidential Computing?  What have we learned about the threat models of clients who are choosing to deploy Confidential Computing? What are they solving for? Doing Confidential Computing “right” feels like a lot more than having some fancy CPUs with magic math. What challenges do customers face adopting it?  We finally “married” Confidential Computing with EKM. What types of clients ar...2022-01-1829 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP47 Megatrends, Macro-changes, Microservices, Oh My! Changes in 2022 and Beyond in Cloud SecurityGuest: Phil Venables (@philvenables), Vice President, Chief Information Security Officer (CISO) @ Google Cloud Topics: Explain the whole cloud security megatrend concept to us? How can we better explain that “yes, cloud is more secure than most client’s data centers”? Can you please explain "shared fate" one more time? Shared fate seems to require shared incentives. Do we see the incentives to invest in security changing within organizations migrating to Cloud? Cloud as the Digital Immune System sounds really cool, what does it mean for a typical practitioner - security and developers both? What about the risk a...2022-01-1126 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP46 Products and Solutions: Helping Our Customers Precipitate ChangeGuests:  Alison Reyes, Director, Security Solutions, Google Cloud Iman Ghanizada, Solutions Manager for Security Operations & Analytics @ Google Cloud Topics: What is our thinking on solutions vs products for security? Sure, “security is a process, not a product,” but where do solutions fit in? Security as an industry has too many vendors with little understanding of how users secure things, can solutions approach fix that? Google is sometimes known for writing code and just throwing it out there, do solutions change that dynamic for Google Cloud clients who come to us for security? Who are the target users...2021-12-0622 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP45 VirusTotal Insights on Ransomware Business and TechnologyGuests: Vlad Stolyarov, Security Engineer  @ Threat Analysis Group (TAG) Vicente Diaz,  Threat Intelligence Strategist @ VirusTotal Topics: Why GandCrab / REvil was the most popular ransomware  family in 2020? What is ransomware as a service? Is every scary article about ransomware essentially marketing for the criminals? Some ransomware payoffs are huge, how do you think they spend the money? How else do they profit off stolen data apart from double extortion schemes? Are there triple extortion schemes? What is the concept of a “trusted brand in ransomware”, is it better for clients because they will return the data? Why did non...2021-11-2922 minTechSpective PodcastTechSpective PodcastAnton Chuvakin Talks about XDR (Extended Detection and Response)TechSpective Podcast Episode 082 There is a steady evolution and progress of security in response to an ongoing game of cat and mouse with cyber attackers. As attackers adapt and innovate new tools and techniques, the way we approach cybersecurity has to change as well--both strategically and tactically. Extended Detection and Response--or XDR--seems to be the next thing. My guest for this episode is my friend Anton Chuvakin. I have known Anton for many, many years--dating back before our work together on the original publication of PCI Compliance. Since then, Anton went on to be a Gartner analyst, and eventually joined...2021-11-2340 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP44 Evolving a SIEM for the Future While Learning from the PastGuest: Mike Orosz, a Chief Information and Product Security Officer @ Vertiv Topics: What are your views on modern SIEM?  What should it do and what should it be? Should it even be called SIEM?  Is SaaS/cloud-native SIEM the only way to go? Can anybody build a SIEM in the cloud by installing the regular SIEM on IaaS? What are the top challenges for organizations deploying and operationalizing SIEM today? What are some hidden or commonly forgotten costs for a SIEM deployment? Is op...2021-11-2228 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP43 Automation as Paved Roads in Cloud EnablementGuests: Amber Shafi, Production Manager GSK Svetlin Zamfirov, Senior Platform Engineer at GSK Ivan Angelov, Principal Platform Engineer at GSK Topics: Tell us about your team, what are you responsible for and how is the team setup to make that happen? What components of cloud security do you cover? Tell us about cloud misconfigurations and why these are different from on- premise misconfiguration? How are you discovering these misconfigurations?  You've automated responses to misconfiguration. Beyond the obvious upsides of reducing team toil and time to response, what are the other benefits? Are there risk in this a...2021-11-1523 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP42 Missing Diversity Hurts Your SecurityGuest: MK Palmore, Director at Office of the CISO,  Google Cloud, member of Cybersecurity Action Team Topics: Why is there such a huge gap in security professionals who are women and people of color? How does the lack of women and people of color in tech impact the industry, cybersecurity & tech overall? Are diverse teams better performing, better morale, happier people? Are there kinds of threats that we miss in threat modeling exercises for lack of diverse team members? We’ve seen countless examples where AI/ML systems have had problems with laundering biases and having fra...2021-11-0823 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP41 Beyond Phishing: Email Security Isn't SolvedGuest: Ryan Noon, CEO @ Material Security Topics: When we think about traditional email security, we think anti-spam/phishing. Your company is doing other things, so what are they? In other words, isn’t email security solved with legacy appliance vendors (SEG) and cloud email providers?  What was the combination of technology and security opportunities that really resonated with you and your investors that led to your focus on email security? Security has almost 2000 vendors and they are noisy, how do you get to clients without screaming too loud? How do you build a better security vendor? Rel...2021-11-0123 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP40 2021: Phishing is Solved?Guests Elie Bursztein, security, anti-abuse and privacy researcher @ Google Kurt Thomas, security, anti-abuse and privacy researcher @ Google Topics: Can we say that “Multi-Factor Authentication - if done well - fixes phishing for good” or is this too much to say? What are the realistic and seen-in-the-wild bypasses for MFA as a protection? How do you think these controls fare vs top tier attackers (clearly, they work vs commodity threats)? What do we know about burden vs value of MFA today? What can we realistically do to increase MFA/2FA adoption to the 90%s? Can we share anyt...2021-10-2531 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP39 From False Positives to Karl Popper: Rationalizing Cloud Threat DetectionGuest: Jared Atkinson, Adversary Detection Technical Director at SpecterOps Topics: What are bad/good/great detections? Is this all about the Bianco's pyramid? Is high good and low bad? How should we judge the quality of detections? Can there be a quality framework? Is that judgment going to be site specific? What should we do to build more good directions? Is this all about reducing false positives? Can we really measure false negatives? How can we approach this? How can we test for detection goodness in the real world? What are the methods that work? It...2021-10-1830 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleNEXT Special - 6 Cloud Security PMs (and a Developer Advocate!) Walk into a StudioGuests: Stephanie Wong Vicente Diaz, Jerome McFarland Scott Ellis Patrick Faucher Il-Sung Lee, Anoosh Saboori Topics: What is your session about? Why would audience care? What is special about your security technology? Resources: Google Cloud Next 2021 SEC212 6 layers of GCP data center security SEC101 Ransomware and cyber resilience SEC204 Take charge  of your sensitive data SEC207 Securing the software supply chain SEC300 Trust the cloud more by trusting it less: Ubiquitous data encryption 2021-10-1431 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleNEXT Special - Google Cybersecurity Action Team: What's the Story?Guest: Phil Venables (@philvenables), Vice President, Chief Information Security Officer (CISO) @ Google Cloud Topics: We are here to talk Google Cybersecurity Action Team, and this is your brainchild, so tell our audience the origin of this idea? How is Cybersecurity Action Team going to help secure GCP enterprise clients? Is there also a “improve the security of the internet” story? Many organizations seem stuck in the pre-cloud thinking and mental models, can Cybersecurity Action Team help them transform their security? How? When we sometimes present our security innovations to clients, they say “but we are not Google...2021-10-1320 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleNEXT Special - Cloud Security and DEI: Being an Ally!Guest: Aditi Joshi, Manager in Cloud Security Team @ Google Cloud Topics: What is Allyship? How is it defined? What is its main goal? Why is allyship important in Cloud Security, specifically? Are there aspects of security that make allyship particularly important? What specifically has Google Cloud Security deployed and operationalized around Allyship? How does effective allyship look like? More personally, how can I be a better ally? How does it fit into Google Cloud Security’s overarching DEI efforts? 2021-10-1219 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleNEXT Special - Google Cloud NEXT Security: What to Watch?Guest: Rob Sadowski, Trust and Security Lead @  Google Cloud Topics: What are the big security themes at NEXT? Is security still visible? What about invisible security vs autonomic security? Is that just “invisible security” with a neat name? This has got to be your fourth or fifth Next, right? What’s new this year compared to last years, aside from being virtual? Anything particularly uniquely Google we’re talking about? What to watch at NEXT, if you are a CISO? We secure not just GCP with our tools and approaches, so what to watch if not yet a GCP...2021-10-1120 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP34 Instrumenting Modern Application Stack for Detection and ResponseGuest: Matt Svensson, Senior Security Engineer @ BetterCloud Topics: What are the approaches for monitoring serverless and other modern application architectures? What are the challenges with these new environments? What approaches don’t work? What can go wrong with modern stack security monitoring? What should we watch for in a modern application stack? Most new architecture setups are predicated on identities so is identity the center of threat detection here or not? 2021-10-0425 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP33 Cloud Migrations: Security Perspectives from The FieldGuest: Elliott Abraham, Security and Compliance Specialist @ Google Cloud Topics: We talk about lift and shift vs cloud native, what are these and are they fair characterizations? Is lift and shift always negative? Does it always harm security? Are security planning needs different between them? What are the fundamentals with security during cloud migration that you have to get right regardless? What’s your advice to a security team to help make a migration work well? How do you account for threat model differences in the cloud? Are cloud threats being more different or more the sa...2021-09-2725 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP32 Can You Ever Know Thyself: Cloud Attack Surface ManagementGuest: Derek Abdine, CTO @ Censys.io Topics: Attack Surface Management (ASM). Why do we need a new toolset and  a new category? Isn’t this just 1980s asset management or CMDB? How do we find those assets that may have been misplaced by the organizations? How can any technology do this reliably? ASM seems to often rely on network layer 3 and 4. Can’t bad guys just hit the app endpoints and all your network is irrelevant then? When you think about the threats organizations face due to unknown assets, is data theft at the top of the s...2021-09-2023 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleCloud Certifications, and Cloud Security with TheCertsGuyGuest: Iman Ghanizada,   Solutions Manager for Security Operations & Analytics @ Google Cloud Topics: What is your book “Google Cloud Certified Professional Cloud Architect All-in-One Exam Guide” about?  What was your journey into writing this book, how long did it take? The book seems to be targeted towards Cloud Architects, but you come from a predominantly security background, how has that influenced your writing of this book? What does this have to do with The Certs Guy (14 certs!?)  and what's his mission? What’s the intersectional thinking on certificates and making our industry more accessible and inclusive? Do certs hel...2021-09-1322 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleEP30 Malware Hunting with VirusTotalGuest: Vicente Diaz,  Threat Intelligence Strategist @ VirusTotal Topics: How would you describe modern threat hunting process? Share some of the more interesting examples of attacker activities or artifacts you've seen? Do we even hunt for malware? What gets you more concerned, malware or human attackers? How do you handle the risk of attackers knowing how you perform hunting? What is the role of threat research role for hunting? Do you need research to hunt well? Does threat research power attribution? How do you tell a good YARA rule from a bad one, and a great one? W...2021-09-0726 minDetection: Challenging ParadigmsDetection: Challenging ParadigmsEpisode 12: Anton ChuvakinDr. Anton Chuvakin of the Cloud Security Podcast by Google stops by to talk all things detection with Jared and Jonny. Episode Guide2021-09-0651 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleFuture of EDR: Is It Reason-able to Suggest XDR?Guest:  Sam Curry,  Chief Security Officer @ Cybereason and Visiting Fellow @ National Security Institute Topics: EDR was “invented” in 2013 and we are now in 2021. What do you consider to be modern EDR components and capabilities? Where has EDR fallen short on its initial hype? How focused are the attackers on bypassing EDR? How do you think EDR works in the cloud? In your view, how would future EDR work for containers, microservices, etc? Why aren’t we winning the war against ransomware? XDR is an interesting concept, so how do you define XDR? Is XDR just EDR++ or is XD...2021-08-3027 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleTales from the Trenches: Using AI for Gmail SecurityGuest: Andy Wen, Product Lead for Abuse & Security @ Google Cloud Topics: What are you doing with AI for security? What kinds of security problems are addressable with AI, and which ones are harder to address with ML techniques? Tell us where you’ve been surprised by AI’s success? Do you expect a) AI use by adversaries and b) attacks focused on disrupting the AI use by defenders? What advice would you give a PM or technical lead starting out on thinking they want to use AI to solve a problem? Resources: Andy Wen...2021-08-2319 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleThe Mysteries of Detection Engineering: Revealed!Guest: Keith McCammon, Co-founder and Chief Security Officer, Red Canary Topics: What is Detection Engineering? How it differs from just building rules/analytics? How to convert threat intelligence into detections?  How to tell good detections from bad? And perhaps also good from great? How to test detections in the real world? Anything special about building detections for cloud environments? What do you think is the role of “rule-less” (such as ML) detections? Is “ML unicorn cavalry” coming? Resources: The Red Canary Blog 2021 Threat Detection Report Alerting and Detection Strategy Framework Atomic Red Team toolset 2021-08-1630 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleSOC in a Large, Complex and Evolving OrganizationGuest: Johnathan Keith, Director of Information Security (CISO) @  ViacomCBS Streaming / Digital (at the time of the recording) Topics: What is the mission for your SOC? Has it evolved in recent years? How do you rate your state of maturity in security operations? I hear that your organization is complex and decentralized, how do you run a SOC in such a case? How do you approach the balance of people, process and technology in your SOC? What is the role of outsourcing in your SOC?  Is cloud included in your SOC mission scope? What are the immediate th...2021-08-0920 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleBeyond Compliance: Cloud Security in EuropeGuest:  John Stone, Chaos Coordinator at the Office of the CISO @ Google Cloud Topics: What are the top European-specific cloud migration security challenges? Are there interesting cloud adoption barriers related to security in Europe? Are some of these challenges more compliance than security related? Do you think compliance still drives security in the cloud for European companies? Do you think Europe can ever "make their own cloud"? So, what do you make of this entire movement about “data sovereignty”?  2021-08-0227 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleThreat Detection at Google Cloud Security SummitNo guests. We interviewed each other! Topics: What would you say are the most things that Chronicle is trying to address today? What are the good ways to use threat intel to detect threats that do not ruin your SOC? What does “autonomic” security mean, anyway? Is this a fancy way of saying “automatic” or something more? For sure, “the Cloud is not JUST someone else’s computer“ - but how does this apply to threat detection? What makes threat detection “cloud-native”? What kinds of ML magic does your mini UEBA inside SCC use? Can you really do automate...2021-07-1921 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleDouble-clicking, but not on fire hydrants, with bot fightersGuest 1: - Sparky Toews, product manager for Adobe identity @ Adobe Topics 1: - Why are bots a problem to you? - Can you tell us how you practice securing the UX at Adobe? - What kind of security practices are involved? Guests 2: - Randy Gingeleski, Senior Staff Security Engineer @ HBO Max - Brian Lozada, CISO @ HBO Max Topics 2: - Can you tell us how you practice securing the UX at HBO? - What kind of security practices are involved? - How does reCAPTCHA Enterprise fit into all of this?2021-06-2134 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleMore Cloud Migration Security LessonsGuests: - Jane Chung, VP of Cloud @ Palo Alto - Joe Crawford, Director of Strategic Technology Partnerships for Google Cloud @ Palo Alto Topics: - What are the security mistakes you’ve seen during cloud migrations? - What is your best advice to security leaders who want to go to the cloud using the on-prem playbook? - What security technologies may no longer be needed in the cloud? - How do we teach cloud to security leaders who “grew up” on-premise?2021-06-1432 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleModern Threat Detection at GoogleGuest: - Julien Vehent, Security Manager @ Google Topics: - What is special about detecting modern threats in modern environments? - How does the Google team turn the knowledge of threats into detection logic? - Run through an example of creating a detection for a new threat? - How do we test our detection rules? - We use the same people to write detections and to respond to resulting alerts, how is it working? - What are the key skills of good security analysts to build cloud threat detection?2021-06-0724 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleModern Data Security Approaches: Is Cloud More Secure?Guests: - Tim Dierks, Engineering Director, Data Protection @ Google Cloud Topics: - What are the key components of data security in the public cloud today? - Why do companies need specific data security plans and products? - Do you think Google Cloud today has enough controls for processing the most sensitive data? - What is your view on encryption's role in future cloud security? - Do organizations mostly encrypt for security or for compliance?2021-06-0128 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleScaling Google Kubernetes Engine SecurityGuest: - Greg Castle, Senior Staff Security Engineer at Google Topics: - How is kubernetes security different from traditional host security? - What’s different about securing GKE vs security Kubernetes on-prem? - Where does one start with security hardening for GKE? - In your view, what are top realistic threats to container deployments? - What do users get wrong most often? - Did we manage to make containers both more secure and more usable?2021-05-2420 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleMaking Compliance Cloud-nativeGuest: - Zeal Somani, Security Solutions Manager @ Google Cloud Topics: - What are the usable recipes for thinking about compliance in the cloud? - What regulations are more challenging for public cloud users? - How do you see the client/CSP responsibility split for compliance? - What is this “shift left” for compliance? - How do we educate regulators who insist on 1980s solutions to 2020s problems? - What are the most popular mistakes and blind spots with trying to be compliant in the cloud?2021-05-1920 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleApplication Security in the CloudGuest: - Alyssa Miller,  BISO @ S&P Global Ratings Topics: - How do application security practices change as organizations go to cloud? - What bad things happen to you if you lift/shift your applications to cloud? - What challenges do containers and serverless deployments create for application security? - How can cloud native technologies make application security easier than a traditional on-prem environment? - What can organizations do to ensure the security of cloud-based SaaS solutions?2021-05-1024 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleThreat Models and Cloud SecurityGuest: - Seth Vargo, Security Engineer @ Google Cloud Questions: - How should security teams change their thinking about threats in the cloud? - Where and when should an organization start in building their threat model for their cloud environment? - What are the key changes of threat models after cloud migration? - How should users who are leading the cloud migration help their colleagues think about security in the cloud? - When am I "done" with cloud security planning?2021-05-0319 minCloud Security Podcast by GoogleCloud Security Podcast by GooglePreparing for Cloud Migrations from a CISO Perspective, Part 2Guests: - Phil Venables, VP, Chief Information Security Officer (CISO) @ Google Cloud - Dave Hannigan, Director, Financial Services Security & Compliance @ Google Cloud Topics: - Let's define “cloud-native”? - How do we practically help CISOs “speak cloud”? - What are the first steps to cloud thinking for an “on-premise CISO”? - What are the areas of security where it is easier to become a cloud-native? - How do you see a CISO transition journey from the on-premise thinking to cloud?2021-04-2620 minBlueprint: Build the Best in Cyber DefenseBlueprint: Build the Best in Cyber DefenseAnton Chuvakin: The Current State and Future of Security OperationsClick here to send us your ideas and feedback on Blueprint!In today’s episode, John is joined by Anton Chuvakin to discuss current and future security operations technology, which tools are the most important and which are becoming less important over time, the rules of automation in the SOC and how Anton would setup a modern Security Operations Center for a Cloud native organization.Today's Guest: Anton ChuvakinDr. Anton Chuvakin is a recognized security expert in the field of log management, SIEM and PCI DSS compliance. He is no...2021-04-2048 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleSIEM Modernization? Is That a Thing?Guest: - Eric Foster, President at CYDERES, a Fishtech Group company Topics: - How do you define “modern” SIEM? - Does modern SIEM always imply SaaS SIEM? - What are your top 3 root causes for SIEM deployment failure today? - Modern or not, does SIEM have a future? - What’s different about threat detection in Cloud? - What is your view of the current frenzy about “AI”/ML for security?2021-04-1924 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleBuilding a Third Party Platform for Cloud SecurityGuest: - Avi Shua, CEO and Co-founder @ Orca Security Topics: - Where do you spend more efforts, on detection of pre-fail issues (like configuration errors) or post-fail issues (like incidents)? - How do you prioritize the preventative and detective controls in your platform? - When talking to CISOs, how do you explain that cloud threat detection is different from the on-premise type? - Do you think your customers care more about cloud-specific threats or traditional threats against cloud assets?2021-04-1227 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleZero Trust: Fast Forward from 2010 to 2021Guest:  - John Kindervag, who is widely considered to be the creator of zero trust model in 2010 (currently works at ON2IT) Topics: - What has changed in the world of zero trust since 2010? - What must be trusted for a zero trust (ZT) system to work? - What are key ZT project success pre-requisites? - Is zero trust hard for most companies? - What’s the most spectacular failure you’ve seen in a ZT project? - Where do you see ZT heading in the next 10+ years?2021-04-0128 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleNo One Expects the Malware InquisitionGuest: - Brandon Levene, Malware Inquisitor @ Google Cloud Topics covered: - Which malware is scarier, state-sponsored or criminal? - How do we approach cybercrime mitigation at Google? - How do we actually track malware? Don’t we need “attribution” for it? - What are the most useful telemetry sources for study in modern malware? - Does ransomware have a bright future? - Where do you see threat actors making the biggest investments?2021-03-2425 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleCloud Security Talks Summarized: A Recap EpisodeGuests: no guests Topics covered: - Discussion of the interesting presentations from Cloud Security Talks Q1 2021 focused on trusted cloud, container security, cyber insurance, Chronicle, ML for network security, etc Resources: - Q2 2021 Cloud Security Talks https://cloudonair.withgoogle.com/events/security-talks-march-20212021-03-1722 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleCloud Security Talks Summarized: A Recap EpisodeGuests: no guests, just Tim and Anton  Topics covered: Discussion of the interesting presentations from Cloud Security Talks Q1 2021 focused on trusted cloud, container security, cyber insurance, Chronicle, ML for network security, etc Resources: All Q1 2021 Cloud Security Talks “Cloud Risk Panel Discussion” video “A conversation on overcoming risk management challenges in the Cloud” video  “Better together - expanding the Confidential Computing ecosystem” video “Detect potential threats to your containers” video “Supercharge your security telemetry with Chronicle” video “Tales from the trenches: Using machine learning to create safer networks” video “Chrome Enterprise Security - A deep dive” video 2021-03-1722 minCloud Security Podcast by GoogleCloud Security Podcast by GooglePreparing for Cloud Migrations from a CISO Perspective, Part 1Guests: - Phil Venables (@philvenables), CISO @ Google Cloud - Nick Godfrey, a member of Office of the CISO @ Google Cloud Topics covered: - Why do you think so many CISOs of traditional organizations fear cloud migrations? - What is your best advice to a CISO who wants to migrate to the cloud using the on-premise playbook, or lift and shift? - What are the real tradeoffs in this decision such as using familiar tools/practices vs cloud benefits/effectiveness?2021-03-1120 minCISO\'s SecretsCISO's SecretsEp. S1E6 - Dr. Anton Chuvakin, Cybersecurity Director at Google CloudDr. Anton Chuvakin, Security Solution Strategist at Google Cloud joins the show to talk about security by design, building and securing the cloud and highlights the challenge is how do we determine who is responsible for what in the cloud. James Azar, CISO and host and Dr. Chuvakin also discuss the challenges of the supply chain and that many small orgs face in addressing security concerns and share some interesting problem-solving ideas and Dr. Chuvakin shares the latest development and drops some hints on the GCP platform CISO's Secrets Podcast is powered by Infinity Global Services (IGS).2021-03-1027 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleGathering Data for Zero TrustEpisode 4 “Gathering Data for Zero Trust” focuses on enabling zero trust access in the real world Guest: Max Saltonstall (@maxsaltonstall), Developer Advocate @ Google Cloud   Topics covered: - What should be trusted for a zero trust system to work? - What is the first thing you need to do to have a zero trust access project succeed? - What data needs to be collected for zero trust system operation?2021-02-2424 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleAutomate and/or Die?Episode 3 “Automate and/or Die?” focuses on automated remediation (or is it response!) in the cloud Guest: Joe Crawford, formerly in charge of cloud-native security at a large bank Topics covered: - Can we automatically remediate vulnerabilities and threats in the cloud? - Did you require humans to be in the loop for your automation? Is that still automation if we do? - Does security fear of automation have a place in the cloud?2021-02-1117 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleData Security in the CloudEpisode 2 “Data Security in the Cloud” focuses on data security in the cloud Guest: Andrew Lance, Sidechain Topics covered: - What is special about data security in the cloud? - How data security plays in the shift from perimeter and network security to identity-based security? - Can I use detective data security controls and turn them into preventative controls?2021-02-1119 minCloud Security Podcast by GoogleCloud Security Podcast by GoogleConfidentially Speaking“Confidentially Speaking” episode focuses on confidential computing Guest: Nelly Porter, Group Product Manager @ Google. Topics covered: - What risks are mitigated by confidential computing? - What types of organizations must adopt confidential computing? - How and where the data is encrypted?2021-02-1121 minGoogle Cloud Platform PodcastGoogle Cloud Platform PodcastChronicle Security with Dr. Anton Chuvakin and Ansh PatniakIt’s cyber security week on the podcast as Priyanka Vergadia joins Mark Mirchandani to talk with the folks of the Chronicle Security Team. Our guests Ansh Patniak and Dr. Anton Chuvakin start the show off with a brief explanation of Chronicle, which is a security analytics platform that can identify threats and correct them.Anton details the threats facing clients today and why it’s important to continue to guard against old threats as well. Cyber security developers must constantly examine the landscape, adjust tools used, and think ahead to try to predict possible future problems. Ansh elab...2020-04-2938 minGoogle Cloud Platform PodcastGoogle Cloud Platform PodcastChronicle Security with Dr. Anton Chuvakin and Ansh PatniakIt’s cyber security week on the podcast as Priyanka Vergadia joins Mark Mirchandani to talk with the folks of the Chronicle Security Team. Our guests Ansh Patniak and Dr. Anton Chuvakin start the show off with a brief explanation of Chronicle, which is a security analytics platform that can identify threats and correct them. Anton details the threats facing clients today and why it’s important to continue to guard against old threats as well. Cyber security developers must constantly examine the landscape, adjust tools used, and think ahead to try to predict possible future problems. Ansh...2020-04-2938 minSecurity All InSecurity All InS2:E6 Anton Chuvakin — Settling into the fascinating world of Google CloudAnton is a recognized security expert in the field of SIEM, log management, and PCI DSS compliance. He is an author of books “Security Warrior”, “PCI Compliance”, “Logging and Log Management” and a contributor to “Know Your Enemy II”, “Information Security Management Handbook” and others.  His blog securitywarrior.org was one of the most popular in […] The post S2:E6 Anton Chuvakin — Settling into the fascinating world of Google Cloud appeared first on Malicious Life.2019-12-1100 minDEFCON 15 [Audio] Speeches from the hacker conventionsDEFCON 15 [Audio] Speeches from the hacker conventionsAnton Chuvakin & Mike Murray: The Science Of Social engineering: NLPSocial engineering has traditionally been more of an art than a science, we try different things, and if they work, we continue to use them over and over again. Some of the best social engineers have developed excellent technique even without understanding why what they're doing works. Mike & Anton are skilled communicators trained in NLP, hypnosis, FACS and other sciences of influence, and will present (and demonstrate) some of the cutting edge research on influence and persuasion.Mike Murray A 10-year veteran of the security industry, Mike Murray focuses his expertise on building strong security teams, and helping...2006-01-1048 min