What does Security even mean anymore

Security has been in the news quite a bit lately, both for failures and funding. But does security even matter anymore?  Nobody knows. 

SHOW: 544

CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotw

CHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"

SHOW SPONSORS:

• Teleport Access Plane: Quickly access any computing resource anywhere
• Try Teleport for free
• CloudZero - Cloud Cost Intelligence for Engineering Teams

 SHOW NOTES:

• Coverage of recent Security commitments from Cloud Providers
• 2021 Top Security Breaches (Part I, Part II)
• The State of Cloud Security Report (2021)
• Microsoft warns thousands of cloud customers of exposed databases

 

DOES ANYONE ACTUALLY CARE ABOUT SECURITY?

“This is the worst cloud vulnerability you can imagine.”     

WHAT IS THE PENALTY FOR BEING BAD AT SECURITY?

The State of Cloud Security 2021 Report highlights several alarming facts, including:

• 36% of companies suffered a serious cloud data leak or breach in the past 12 months
• 8 out of 10 are worried that they’re vulnerable to a major misconfiguration breach 
• 64% say the problem will get worse or stay the same 

Every company makes security a massive part of every purchasing decision. And yet the market doesn’t seem to do anything when a massive breach happens. How is this still the state of security? 

FEEDBACK?

• Email: show at the cloudcast dot net
• Twitter: @thecloudcastnet

AIOps for Security and Breach Protection

SHOW: 389

DESCRIPTION: Brian talks with Adam Hunt (CTO and Chief Data Scientist at @RiskIQ) about the breadth of security breaches, how AI/ML can play a role if used properly, and immediate steps to improve protection for breaches.

SHOW SPONSOR LINKS:

• Datadog Homepage - Modern Monitoring and Analytics
• Try Datadog yourself by starting a free, 14-day trial today. Listeners of this podcast will also receive a free Datadog T-shirt

CLOUD NEWS OF THE WEEK

AWS Announced Open Distro for ElasticSearch
https://aws.amazon.com/blogs/opensource/keeping-open-source-open-open-distro-for-elasticsearch/

Rebuttals or Commentary on Open Distro for ElasticSearch  

• https://www.elastic.co/blog/on-open-distros-open-source-and-building-a-company
• https://thenewstack.io/what-the-fork-amazon/
• https://www.influxdata.com/blog/aws-intends-for-their-new-project-to-be-an-elasticsearch-fork/
• https://redmonk.com/sogrady/2019/03/15/cloud-open-source-powder-keg/

Continuous Delivery Foundation launched by Linux Foundation
https://devops.com/the-linux-foundation-launches-continuous-delivery-foundation/

VC Investment in the Service Mesh space
Bouyant ($10M)
Tetrate ($12.5M) 

SHOW INTERVIEW LINKS:

• RiskIQ - https://www.riskiq.com/
• Onboard Machine Learning Like a Junior Engineer - https://www.kdnuggets.com/2018/04/onboarding-machine-learning.html

SHOW NOTES:

Topic 1 - Welcome to the show. You have quite an interesting and impressive background. Can you talk a little bit about your work in academia prior to RiskIQ, and then what drew you to this space?

Topic 2 - RiskIQ focuses on helping companies mitigate massive security attacks. For people that don’t live in the security domain, can you give us a sense of what one of these attacks and breaches look like? 

Topic 3 - Can you give us a sense of how many of these massive attacks are utilizing new techniques, or is it variants of existing techniques, or just old techniques looking for new (vulnerable) targets? And are there tools to help companies understand how to prioritize against these?  

Topic 4 - Where are we in the industry in terms of the intersection of security best practices that IT teams can control, and when ML-driven capabilities can augment for more proactive security? 

Topic 5 - What are some of the things that you’re recommending to companies that are helping to make immediate impacts to them preventing or reducing massive breaches?

Feedback?

• Email: show at thecloudcast dot net
• Twitter: @thecloudcastnet and @ServerlessCast

The Cloudcast - Eps.75 - Threat Protection vs. Threat Detection

Aaron and Brian Katz (@bmkatz) talk with Simon Crosby (@simoncrosby, Founder/CTO at Bromium) about the landscape of security threats on the Internet, recent high-profile hackings, and an update on how Bromium vSentry is setting the new benchmark for security lab results and protection.