DiscoverCloud Ace
Cloud Ace
Claim Ownership

Cloud Ace

Author: SANS Institute

Subscribed: 54Played: 496
Share

Description

Cloud Ace is your go-to podcast for in-depth expert discussions on all topics that touch cloud security. Information security professionals can tune in for fresh perspectives on building and managing secure cloud infrastructure, platforms, and applications. The insight shared by our experts on this podcast transcends cloud, making it valuable for professionals across all fields of cyber security. Brought to you by SANS Institute, Cloud Ace podcast delivers actionable insight through interviews with some of the top minds leaving their mark in cloud security. Cloud Ace covers the full gamut of cloud topics from multi-cloud and public cloud, to containers, threat detection, cloud pen testing, DevSecOps, automation and everything in between.
24 Episodes
Reverse
Nate Lee, CISO at Tradeshift, talks about creating cloud security capabilities, working with engineering, and how he built a GenAI security question answering bot.About Nate:Nate is currently CISO at Tradeshift, a B2B SaaS platform where he built the security program that has secured over $1 trillion in global business transactions. Previous to that, he led various technical teams including the company’s Platform Operations, Site Reliability Engineering and Corporate IT functions.He got his s...
Fred Bret-Mounet, CISO at Clarify Health Solutions, reminisces about negotiating a 25% salary increase and still being drastically underpaid, eating pasta every day, and learning that security can't just be focused on building Fort Knox.About Fred:"t all started with early e-commerce sites storing item prices client side! A tinkerer from an early age and the constant need to feed my curiosity have been critical skills to my Information Security career. With strong technical skills t...
Steve Tran, CISO at the Democratic National Committee (DNC), opens up about his personal challenges, finding his path through hacking and magic, and his passion for helping the next generation.ABOUT STEVE: Steve is the Chief Security Officer for the Democratic National Committee, where he leads the organization's Information Technology, physical security, and cybersecurity strategies and programs. Prior to this, Steve was the Chief Information Security Officer (CISO) for MGM Studios. The...
Deneen DeFiore, CISO at United Airlines, talks about how she got into security, taking a new CISO role at the start of COVID, what makes a mature business oriented security program, and what CISOs need to know before considering board level opportunities.About Deneen: Deneen is an accomplished technology and risk management executive with experience across multiple critical infrastructure sectors. She has expertise in advising global companies and their most senior executives on t...
Kapil Assudani, CISO at Edwards Lifesciences, shares how he was one payment away from getting kicked out of his Masters program, being resilient and resourceful, building credibility, and finding ways to reduce the attack surface.About Kapil: Kapil Assudani, with over 20 years of experience in information security, currently holds the position of Senior Vice President and Chief Information Security Officer at Edwards Lifesciences. His tenure at Edwards, spanning over six years, has responsibi...
Mike Melo, CISO and head of technology at LifeLabs, talks about his approach to innovation and insights on leading cloud security tools.About Mike Melo: "Heavily focused on people and integrity-led progression, Mike Melo is a Senior IT Executive and Chief Information Security Officer (CISO) with over 15+ years of experience advancing operational efficiencies, cyber indomitability, and overall organizational success. Currently serving as the CISO & VP IT Shared Services for LifeLabs i...
Jadee Hanson, CISO and CIO at Code42, shares how even as a kid she knew cybersecurity was her calling and how that led to CISO, CIO, and product leadership responsibilities.About Jadee Hanson: As chief information security officer and chief information officer at Code42, Jadee Hanson leads global risk and compliance, security operations, incident response, and insider threat monitoring and investigations. To her position, she brings more than 17 years of information security and a proven trac...
Brett Cumming, head of security at Skechers, shares how his sister inadvertently got him into cybersecurity and how saying yes to everything laid the foundation for a career in cyber.About Brett: Brett Cumming is a transformative leader who built and currently leads the information security program for the global footwear leader Skechers, helping the organization scale 5x during his tenure. Mr. Cumming’s experience working in both business and engineering focused tech roles provides a broad p...
Bernard Brantley, CISO at Corelight, outlines his vision of modern security and cloud capabilities based on his experience at companies like Microsoft and Amazon, tying together security and business objectives.ABOUT BERNARD:Bernard Brantley is the Chief Information Security Officer (CISO) at San Francisco-based Corelight. He has previously managed threat hunting, threat intelligence, network security architecture and analytics for some of the most mission critical environments at both Amazon...
Rinki Sethit, CISO at BILL, discusses her journey in cybersecurity from roles at early cloud adopters like Intuit and Twitter to security vendors like Palo Alto Networks and ultimately to board roles at companies like ForgeRock.ABOUT RINKI: VP & CISO (CHIEF INFORMATION SECURITY OFFICER) Rinki is currently the Vice President and Chief Information Security Officer at BILL, where she will be leading the global information technology functions and is also responsible for leading efforts ...
Cloud Ace is back for season 2, featuring both new guests and a new host. Frank Kim, a SANS Fellow and CISO-in-Residence at YL Ventures, will sit in as host this season as a wide range of guests join him in exploring the full gamut of cloud topics from multi-cloud and public cloud, to containers, threat detection, cloud pen testing, DevSecOps, automation and everything in between.SPONSER NOTE: Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this pod...
Brandon Evans and fellow cloud security podcaster Ashish Rajan, host of the Cloud Security Podcast and Principal Cloud Security Advocate for Snyk, chat about developer-first security, multicloud abstraction layers, cybersecurity conferences, and the 5 Cs of cloud security products (CASB, CIEM, CNAPP, CSPM, and CWPP).Our Guest - Ashish RajanAshish Rajan is the host of the wildly popular Cloud Security Podcast, a CISO, CyberSecurity Influencer, a SANS Trainer for Cloud Security and an outspoken...
Brandon Evans reconnects with former co-worker Marqueze “Q” Sawyers, a Senior Manager of Software Engineering at Asurion, as they chat about moving fast while failing safely while developing cloud-based applications, using tools like GitHub actions to enable security pipelines in a DevSecOps environment, and making security look as cool as it is for Security Champions and engineers.Our Guest - Marqueze SawyersTwitter: https://twitter.com/MarquezeSawyersLinkedIn: https://www.linkedin.com/in/ma...
Brandon Evans meets with Ahmed AbuGharbia, a Security Manager and Consultant at Sirius Computer Solutions as well as a Certified Instructor Candidate for SANS SEC540: Cloud Security and DevSecOps Automation, to discuss reskilling traditional security professionals to work with Cloud and DevSecOps, getting executive buy-in for investing in their employees, and about an incident he responded to in which all of the infrastructure within his client’s AWS account was deleted.Our Guest - Ahmed AbuG...
Jabez Abraham, Senior Cyber Security Cloud Architect at Paige, meets with his former co-worker Brandon Evans to discuss how cloud native security capabilities can eliminate complexity while applying consistent security controls for organizations spanning multiple geographies, cloud accounts, and regulatory regimes.Our Guest - Jabez AbrahamAs a Senior Cyber Security Cloud Architect at Paige.ai, Jabez is passionate about cloud computing. He thrives on solving problems by leveraging native cloud...
Stacy Dunn, CISO Dojo podcast Co-Host, OWASP Chapter Co-Leader, SANS Senior Solutions Engineer, and former engineer for Check Point and Snyk, chats with Brandon Evans about the Software Development Lifecycle in the cloud, supply-chain security concerns, and the importance of creativity in a field that they both feel is incorrectly considered a hard science.Our Guest - Stacy DunnFollow Stacy:LinkedInCISO Dojo PodcastResources mentioned in this episodehttps://hackernoon.com/how-it-feels-to-lear...
Brandon Evans reunites with his former co-worker, Josh, a Senior Security Architect at Snowflake, as they discuss how to build security into DevOps organizations and how he was able to identify vulnerabilities in cloud DevOps tooling.Our Guest - Joshua MakinenJoshua Makinen is a security expert based out of Seattle who has been working in security design and penetration testing for 6 years. Currently, he works with Snowflake to decompose and mitigate the risks associated with Snowflake's infr...
Brandon Evans talks about building a Cloud Adoption Roadmap with Lysandra Capella, a manager at one of the largest financial institutions in the Dutch Caribbean and a SANS superstar (23 GIAC certs!)Our Guest - Lysandra CapellaAs a Banking professional with more than 10 years’ experience in cybersecurity domain, Lysandra currently supports executive management at a Financial Institution with strategy formulation, security assurance and IT governance. She comes with a background where she has w...
Aaron Hutson walks Brandon Evans through his journey from being an on-prem SysAdmin and cloud skeptic to a cloud security student, consultant, and educator who has worked on the Defense Information Systems Agency (DISA) Secure Cloud Computing Architecture initiative.Our Guest - Aaron HutsonAaron is a passionate advocate for cybersecurity, information technology and education. Aaron holds a Master of Science in Cybersecurity and numerous certifications, such as CISSP, AWS CSAP, GCIH, OSCP and ...
Brandon Evans is joined by John Alves of CyberOne, who is also an up-and-coming instructor for SANS SEC510: Public Cloud Security: AWS, Azure, and GCP, to take a deep-dive into Microsoft Azure security platforms, creating cloud security learning paths for those you manage, and getting involved with the SANS community.Our Guest - John AlvesTwitter: @cyberlowdownLinkedIn: https://www.linkedin.com/in/alves-john/Resources mentioned in this episode:For Sentinal Training - https://techcommunity.mic...
loading