The race to deploy AI is on, but are the cloud platforms we rely on secure by default? This episode features a practical, in-the-weeds discussion with Kyler Middleton, Principal Developer, Internal AI Solutions, Veradigm and Sai Gunaranjan, Lead Architect, Veradigm as they compare the security realities of building AI applications on the two largest cloud providers.The conversation uncovers critical security gaps you need to be aware of. Sai reveals that Azure AI defaults to sending customer data globally for processing to keep costs low, a major compliance risk that must be manually disabled . Kyler breaks down the challenges with AWS Bedrock, including the lack of resource-level security policies and a consolidated logging system that mixes all AI conversations into one place, making incident response incredibly difficult .This is an essential guide for any cloud security or platform engineer moving into the AI space. Learn about the real-world architectural patterns, the insecure defaults to watch out for, and the new skills required to transition from a Cloud Security Engineer to an AI Security Engineer.Guest Socials - Kyler's Linkedin + Sai's Linkedin Podcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-Cloud Security Podcast- Youtube- Cloud Security Newsletter - Cloud Security BootCampIf you are interested in AI Cybersecurity, you can check out our sister podcast - AI Security PodcastQuestions asked:(00:00) Introduction(02:30) Who are Kyler Middleton & Sai Gunaranjan?(03:40) Common AI Use Cases: Chatbots & Product Integration(05:15) Beyond IAM: The Full Scope of AI Security in the Cloud(07:30) The Role of the Cloud in Deploying Secure AI(13:10) AWS AI Architecture: Bedrock, Knowledge Bases & Vector Databases(15:10) Azure AI Architecture: AI Services, ML Workspaces & Foundry(21:00) The "Delete the Frontend" Problem: The Risk of Agentic AI(23:25) A Security Deep Dive into Microsoft Azure AI Services(29:20) Azure's Insecure Default: Sending Your Data Globally(31:35) A Security Deep Dive into AWS Bedrock(32:30) The Critical Gap: No Resource Policies in AWS Bedrock(33:20) AWS Bedrock's Logging Problem: A Nightmare for Incident Response(36:15) AWS vs. Azure: Which is More Secure for AI Today?(39:20) A Maturity Model for Adopting AI Security in the Cloud(44:15) From Cloud Security to AI Security Engineer: What's the Skill Gap?(48:45) Final Questions: Toddlers, Kickball, Barbecue & Ice Cream
For the last 30 years, email security has been stuck in the past, focusing almost entirely on stopping bad things from getting into the inbox. In this episode, Rajan Kapoor, Field CISO at Material Security and former Director of Security at Dropbox, argues that this pre-breach mindset is dangerously outdated. The real challenge today is post-breach: protecting the sensitive data that already lives inside your mailboxes.The conversation explores why we must evolve from "email security" to the broader concept of "workspace security" . Rajan explains how interconnected productivity suites like Google Workspace and Microsoft 365 have turned the inbox into a gateway to everything else Drive, accounts, and sensitive company data. We also discuss how the rise of AI co-pilots will create new risks, as they can instantly find and surface over-shared data that was previously hidden in plain sight .Guest Socials - Rajan's LinkedinPodcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-Cloud Security Podcast- Youtube- Cloud Security Newsletter - Cloud Security BootCampIf you are interested in AI Cybersecurity, you can check out our sister podcast - AI Security PodcastQuestions asked:(00:00) Introduction(02:00) Who is Rajan Kapoor? Field CISO at Material Security(02:38) What is Email Security in 2025? The 30-Year-Old Problem(03:20) The Critical Shift: From Pre-Breach to Post-Breach Protection(04:20) The Rise of Workspace Security: Beyond the Inbox(06:00) Why Focusing on Email is "Not Even Half" The Problem(06:50) Are Microsoft 365 Security Challenges Different from Google's?(09:30) Rethinking the Approach to Email Security(11:40) How AI Co-Pilots Will Exploit Your Over-Shared Data(13:30) A Real-World Attack: From Email to Malicious OAuth App(17:00) How Should CISOs Structure Their Teams for Workspace Security?(19:25) The Role of CASB vs. API-Based Security for Data at Rest(23:10) How CISOs Can Separate Signal From Noise in a Crowded Market(24:45) Final Questions: Home Automation, Career Risks, and Ethiopian Food
You have the visibility, you see the alerts, but your security backlog is still growing faster than your team can fix it. So, are you actually getting more secure? In this episode, Snir Ben Shimol, CEO of Zest Security, argues that "knowing about an open door or an open window don't make you more secure... just make you more aware" .We spoke about the traditional "whack-a-mole" approach to vulnerability management. Snir shared an analogy: when planning a trip, the most important question isn't who goes first, but "what is the vehicle?" . He explains how AI's ability to perform recursive analysis can find the "vehicle" for your remediation efforts, that one base image upgrade or single code change that can reduce 20-30% of your entire vulnerability backlog in one action .Guest Socials - Snir's LinkedinPodcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-Cloud Security Podcast- Youtube- Cloud Security Newsletter - Cloud Security BootCampIf you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity PodcastQuestions:(00:00) Introduction(02:30) Who is Snir Ben Shimol?(03:20) What is Cloud Security in 2025? Moving from Visibility to Action(07:25) Why Visibility Isn't Making You More Secure(10:20) The Slow, Manual Process of Remediation Today: Losing the Battle(16:00) The "Vehicle vs. Priority" Analogy for Vulnerability Management(17:45) How AI Enables Recursive Analysis to Find the Most Impactful Fix(20:00) The Three Pillars of AI-Driven Cloud Security Resolution(22:30) Why Your CNAPP/CSPM Can't Solve the Remediation Problem(25:20) Why Traditional Prioritization (EPSS, KEV) is a Waterfall Approach(28:10) The "Buy vs. Build" Dilemma for AI Security Solutions(30:15) The Complexity of Building a Multi-Agent AI System for Security(41:45) How CISOs Can Separate Real AI Products from Marketing Fluff(44:50) Final Questions: Surfing, Communication, and Thai Food
The conversation around cloud security is maturing beyond simple threat detection. As the industry grapples with alert fatigue, we explore the necessary shift from a reactive to a proactive security posture, questioning if a traditional SecOps model is sufficient for modern cloud environments.We spoke with Gil Geron, CEO of Orca Security, to examine the limitations of a SecOps-centric defense. SecOps teams are inherently reactive, they cannot be the sole guardians of cloud infrastructure. Instead, the conversation centers on a new blueprint: viewing cloud security as an end-to-end workflow that integrates development, deployment, and production runtime with a continuous feedback loop into policy.The role of AI is also explored, not just as a threat, but as an opportunity to empower security teams and make knowledge more accessible. We spoke about the power of context in reducing alert volume, citing a case where millions of vulnerabilities were prioritized down to a handful of actionable fixes.Guest Socials - Gil's LinkedinPodcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-Cloud Security Podcast- Youtube- Cloud Security Newsletter - Cloud Security BootCampIf you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity PodcastQuestions asked:(00:00) Introduction(02:12) Who is Gil Geron? From Check Point to CEO of Orca Security(02:54) What is Cloud Security in 2025? The Evolution to a Modern Workflow(05:50) How AI is Impacting the Cloud Security Landscape: A Salvation, Not a Risk(08:40) The Limits of a Reactive Approach: Why SecOps Can't Be Your Only Defense(12:15) The Surprising Truth: 95% of Cloud Malware is Introduced, Not Hacked(13:40) The Role of Identity in Cloud Security: The New Networking(18:00) The Current Cloud Security Landscape: From "Thumb Mistakes" to Neglected Assets(22:20) How CISOs are Modernizing Security by Modernizing Engineering Workflows(23:50) Reducing SOC Fatigue: How Context Turns Millions of Alerts into a Handful of Fixes(26:20) Is Auto-Remediation Safe? Why It's an Orchestration Challenge, Not a Technical One(35:20) Shifting Left with Production Context: The Future of AppSec & Cloud Sec(38:00) How to Choose a Security Vendor: Finding Hope, Not Fear(42:01) Final Questions: Hiking, Team Pride, and French FriesThank you to our episode sponsor - Orca Security
Identity is the root cause of over 70% of all security incidents, yet many organizations still rely on fundamentally flawed authentication methods. In this episode, Jasson Casey, CEO and co-founder of Beyond Identity, explains why even common forms of MFA are insufficient and why any system that relies on a "secret moving" is vulnerable to attack.The conversation dives deep into the architectural shift needed to truly secure identity: moving from probabilistic tools to deterministic proof. Jasson breaks down how to leverage the hardware-backed secure enclaves (like TPMs and the Secure Enclave) that already exist in our devices to create un-phishable, device-bound credentials that can't be stolen or copied.We also explore how this approach provides a necessary defense against the next wave of AI-enabled threats, including deepfakes and hyper-realistic social engineering attacks that will make it nearly impossible for humans to spot the difference.Guest Socials - Jasson's LinkedinPodcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-Cloud Security Podcast- Youtube- Cloud Security Newsletter - Cloud Security BootCampIf you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity PodcastQuestions asked:(00:00) Introduction(02:10) Who is Jasson Casey?(04:00) What is the 2025 Version of IAM?(07:15) Why Hasn't The Identity Problem Been Solved?(08:00) The Fundamental Flaw: Relying on Secrets That Move(10:00) The Solution: Un-phishable, Hardware-Backed Identity(12:15) Why Your Current MFA is Insufficient and Easily Exploited(14:42) The Apple Pay Analogy: How Secure Identity Already Works in Your Pocket(18:58) The "Aha!" Moment: Reducing Help Desk & SOC Workload(25:25) The AI Adversary: How Deepfakes Will Break Authentication(30:00) The Answer to AI Threats: Cryptographically Attested, Device-Bound Proof(32:15) Challenges of Adopting a New World of Identity(34:30) Beyond Human Identity: Securing Workloads, Drones & IoT(36:20) Deterministic vs. Probabilistic: A New Blueprint for Security(45:20) Final Questions: Drones, Cooking, and Tex-MexThank you to Beyond Identity for sponsoring this episode
The nature of Security Operations is changing. As cloud environments grow in complexity and data volumes explode, traditional approaches to detection and response are proving insufficient. This episode features an in-depth conversation with Kyle Polley, who leads the AI security team at Perplexity, about a modern blueprint for the Security Operations Center (SOC).The discussion centers on a necessary architectural shift away from traditional SIEMs, which were not built for today's scale, toward a "data lake infrastructure built for detection and response". Kyle explains how this model provides the scalability needed to handle modern data loads and enables a more effective incident response process.A cornerstone of this new model is the use of centralized AI agents. The conversation explores how these agents can be tasked with performing in-depth alert investigations, helping to reduce analyst burnout and allowing security teams to focus on more proactive, high-impact work. This approach moves beyond simple automation to create a system where AI augments and enhances the capabilities of the human team.Guest Socials - Kyle's Linkedin Podcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-Cloud Security Podcast- Youtube- Cloud Security Newsletter - Cloud Security BootCampIf you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity PodcastQuestions asked:(00:00) Introduction to Kyle Polley & The Future of SOCs(01:03) The Core Argument: Why You Must Build Your SOC Before Compliance(03:34) Beyond the Certificate: The Difference Between Being Compliant vs. Secure(04:20) Today's #1 AI Threat: The Challenge of Prompt Injection(06:00) The Architectural Flaw: Handling Untrusted Data in AI Systems(08:20) The "Security Data Lake": Moving Beyond the Traditional SIEM(15:00) The Future is Now: A Centralized AI Agent for Automated Investigations(20:06) Will AI Take My Job? How AI Elevates, Not Replaces, the Security Analyst(25:20) Redefining "Shifting Left" with Personal AI Security Agents(31:00) Can AI Reason? How Modern AI Agents Intelligently Query Logs(37:05) Rethinking Incident Response Playbooks in the Age of AI(41:00) The MVP SOC: A Practical Roadmap for Small & Medium Companies(46:08) Final Questions: Maintaining Optimism, Woodworking, and Tex-Mex(50:08) Where to Connect with Kyle PolleyResources spoken about during the episode:Easy Agents: an open-source frameworkHow to give every department their own AI Agent
What does the integration of AI into a Security Operations Center (SOC) practically look like? This episode explores the concept of the "Agentic SOC," moving beyond marketing terms to discuss its real-world applications and limitations.Ashish Rajan is joined by Edward Wu, CEO of Dropzone AI, for an in-depth discussion on the current state of artificial intelligence in cybersecurity. Edward, who holds numerous patents in the field, shares his perspective on how AI is changing security operations. The conversation details how AI agents can function as a tool to support human analysts rather than replace them, and why the idea of a fully autonomous SOC is not yet a reality.The "Agentic SOC" model: A framework where AI agents assist human security engineers.AI's role in alert investigation: How AI can autonomously investigate alerts by making over a hundred large language model invocations for a single alert.Practical limitations of AI: A discussion on challenges like AI hallucinations and the need for organizational context.Building vs. buying AI tools: An overview of the complexities involved in creating in-house AI agents for security.The impact on SOC metrics: How AI can influence Mean Time To Resolution (MTTR) by investigating alerts in parallel within minutes.The future for security professionals: How the role of a Level 1 SOC analyst is expected to evolve as AI handles more repetitive tasks.Guest Socials - Edward's Linkedin Podcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-Cloud Security Podcast- Youtube- Cloud Security Newsletter - Cloud Security BootCampIf you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity PodcastQuestions asked:(00:00) Introduction: Why Agentic AI in the SOC Matters Now(03:03) Meet Edward Wu: 30 Patents and a Mission to Fix Alert Fatigue(04:03) What is an "Agentic SOC"? (AI Foot Soldiers & Human Generals)(06:27) Why SOAR & Playbooks Are Not Enough for Modern Threats(08:18) Reality vs. Hype: Can AI Create a Fully Autonomous SOC?(11:55) The New SOC Workflow: How AI Changes Daily Operations(14:10) Can You Build Your Own AI Agent? The Hidden Complexities(19:06) From Skepticism to Demand: The Evolution of AI in Security(22:00) Slashing MTTR: How AI Transforms Key SOC Metrics(28:42) Are AI-Powered Cyber Attacks Really on the Rise?(31:01) How Smart SOC Teams Use ChatGPT & Co-Pilots Today(32:38) The 4 Maturity Levels of Adopting AI in Your SOC(37:04) How to Build Trust in Your AI's Security Decisions(41:28) Beyond the SOC: Which Cybersecurity Jobs Will AI Disrupt Next?(46:44) What is the Future for Level 1 SOC Analysts?(49:11) Getting to Know Edward: Sim Racing & StarCraft ChampionResources spoken about during the episode:Take a self-guided demo of Dropzone.aiRequest a Demo Download a Copy of the Gartner Hype Cycle for Security Operations 2025 Thank you to our episode sponsor Dropzone.ai
A $10 billion fraud vector is currently exploiting a common feature in many cloud-native applications: the SMS verification flow. This isn't a traditional breach. Instead of stealing data, adversaries use bots to trigger costs that are quietly absorbed into your company's operational budget, often showing up as an inflated cell phone or marketing bill.We spoke to Frank Teruel, COO at Arkose Labs about how this fraud works at a technical level and why modern, automated cloud workflows can be a perfect hiding place for these costly attacks. He also shares a story of how a single cloud container was hijacked, costing a company half a million dollars in compute costs for crypto mining over one weekend.This is a critical conversation for anyone working in cloud security, DevOps, and engineering who wants to understand the financial risks embedded in the very architecture of their applications.Guest Socials - Frank's LinkedinPodcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-Cloud Security Podcast- Youtube- Cloud Security Newsletter - Cloud Security BootCampIf you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity PodcastQuestions asked:(00:00) The $10 Billion Invisible Threat(02:40) Frank Teruel’s Journey into Digital Identity(03:35) Why Identity Remains a Weak Spot for Cybersecurity(05:35) The Evolution of SMS Fraud(07:20) The "$5M Surprise Bill" Story(08:55) What is SMS Toll Fraud?(11:19) Does WAF Catch SMS Fraud?(12:49) Cloud vs. On-Prem: Is One Safer From SMS Fraud?(14:00) Does Single Sign-On Help With This?(15:55) How a Gaming Attack Becomes a Bank Heist(24:54) How AI is Weaponized for Cloud Attacks(25:35) The $500k Cloud Bill from a Hijacked Container(31:18) The Attack Vectors Cloud Teams Underestimate(35:30) What Are "Smart Bots"?(36:46) Where to Start Building a Program Around Fraud?(40:16) Fun Questions: Grandkids, Cooking & Music
How do you modernize security in a 180-year-old company that operates critical national infrastructure? What does it look like when you discover tens or even hundreds of thousands of credentials hidden across your estate?In this episode, we sit down with Christian Schwarz, Security Director for Network Services at BT Group , recorded at HashiDays London. Christian shares the immense challenge and strategic approach to standardizing secret management across one of the world's oldest telecommunication companies.He details BT's journey away from the "moat and a castle" security model towards a future with no passwords for developers , reducing friction and enhancing security by design.Guest Socials - Christian's LinkedinPodcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-Cloud Security Podcast- Youtube- Cloud Security Newsletter - Cloud Security BootCampIf you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity PodcastQuestions asked:(00:00) - Why Standardizing Secrets is a Challenge(02:24) - Introducing Christian Schwarz & His Role at BT(05:50) - Beyond the "Castle & Moat": A New Approach to Security(07:59) - The Challenge of Securing a 180-Year-Old Company(10:04) - The Power of Storytelling and Discovering Hidden Credentials(11:59) - The Starting Point: Threat Modeling Your Critical Infrastructure(13:48) - The Upside of Standardization: Reducing Cognitive Load for Teams(16:08) - Fun Questions: Cycling, Innovation, and Favorite CuisinesThank you to our episode sponsor HashiCorp
Is AI making application security easier or harder? We spoke to Amit Chita, Field CTO at Mend.io, the rise of AI agents in the Software Development Lifecycle (SDLC) presents a unique opportunity for security teams to be stricter than ever before. As developers increasingly use AI agents and integrate LLMs into applications, the attack surface is evolving in ways traditional security can't handle. The only way forward is a Zero Trust approach to your own AI modelsJoin Ashish Rajan and Amit Chita as they discuss the new threats introduced by AI and how to build a resilient security program for this new era.Guest Socials - Amit's Linkedin Podcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-Cloud Security Podcast- Youtube- Cloud Security Newsletter - Cloud Security BootCampIf you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity PodcastQuestions asked:(00:00) Intro: The New Era of AI-Powered AppSec(03:10) Meet Amit Chita: From Founder to Field CTO at Mend.io(03:47) Defining AI-Powered Applications in 2025(05:02) AI-Native vs. AI-Powered: What's the Real Difference?(06:05) How AI is Radically Changing the SDLC: Speed, Scale, and Stricter Security(16:30) The Hidden Risk: Navigating AI Model & Data Licensing Chaos(20:50) SMB vs. Enterprise: Why Their AI Security Problems Are Different(23:00) Why Traditional Security Testing Fails Against AI Threats(26:03) Do You Need to Update Your Entire Security Program for AI?(29:14) The New DevSecOps: Keeping Developers Happy in the Age of AI(31:26) Real AI Threats: Malicious Packages & Indirect Prompt Injection(35:16) Is Regulation Coming for AI? A Look at the Current Landscape(38:00) The AI Security Toolbox: To Build or To Buy?(41:41) Fun Questions: Amit’s Proudest Moment & Favorite RestaurantThank you to our episode sponsor Mend.io
Is your organization struggling with secret management across bare metal, hybrid, and multi-cloud environments? Standard cloud-native tools often fall short when you need a single, standardized solution that bridges all your infrastructure.Dan Popescu, Senior Site Reliability Engineer at Booking.com joins us to share how they built a cloud-agnostic secret management strategy using HashiCorp Vault. We dive deep into the technical challenges of providing identity to bare metal machines, rotating dynamic secrets in legacy and modern applications, and why a central "broker" for authentication is critical for security at scale.Guest Socials - Dan 's Linkedin Podcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-Cloud Security Podcast- Youtube- Cloud Security Newsletter - Cloud Security BootCampIf you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity PodcastQuestions asked:(00:00) Introduction(02:13) Dan's Background: From Cloud (AWS, GCP) to Bare Metal(03:06) The Core Challenges: Secret Exposure, Rotation & Access Control(04:45) Why Cloud-Native Fails at Scale: The Cost of 500k Requests/Min(07:32) What is a "Secret"? (It's More Than Just Passwords)(09:12) The Secret Lifecycle: Rotation, Revocation & Caching Issues(10:33) Securing Bare Metal: The Unique Challenge of On-Prem Secrets(15:44) Kubernetes & Container Secrets: Sidecars vs. Operators(18:36) The Pain of Moving from Static to Dynamic Secrets(20:40) How Do Machines Get an Identity? (Cloud IAM vs. Bare Metal)(24:28) A Practical Roadmap: Where to Start Standardizing Secrets(26:53) Key Learnings & Technical Pitfalls to Avoid(28:59) The Fun Section
Many organizations focus on keeping attackers out, but what happens when one gets in? We spoke to Ramesh Ramani, Staff Security Engineer at Block about the real challenge, which is preventing them from leaving with your data. In this episode, Ramesh details the innovative system his team built to automate egress access control at scale, moving beyond traditional, inefficient methods.Ramesh explains how by establishing "sources of truth" for both internal applications and external partners, they created a centralized governance model. This system uses SPIFFE IDs to understand application identity, validates data-sharing requests against partner approvals, and provides a seamless, self-service experience for developers. Discover how this approach not only enhances security by preventing unauthorized data exfiltration but also improves incident response, allowing them to instantly revoke access to compromised third-party domains.Guest Socials - Ramesh's Linkedin Podcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-Cloud Security Podcast- Youtube- Cloud Security Newsletter - Cloud Security BootCampIf you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity PodcastQuestions asked:(00:00) - Introduction(00:55) - Ramesh Ramani's Journey: From Network Engineer to Cloud Security at Block(02:03) - The "Trapped Thief" Analogy: Why Egress Is a Critical, Overlooked Problem(04:07) - The Trigger for Automation: Why Traditional Egress Security Doesn't Scale(07:36) - The Secret Sauce: Using SPIFFE IDs for Application Identity Across Any Cloud(14:42) - How It Works: Requesting Access & Denying Leaks to Partners like ChatGPT(30:39) - The Foundation: Why You Must Start with a "Source of Truth" for Apps & Partners(31:23) - Incident Response: Instantly Cutting Off Access When a Partner is Compromised(33:58) - Rollout Strategy: How to Implement Egress Controls Without Burdening Other Teams(37:35) - The Fun Section: Tech, Family, RPGs, and the Best Vegetarian RamenResources discussed during the episode:BSidesSF 2025 - Centralizing Egress Access Controls Across a Hybrid Environment.
When you can't protect everything at once, how do you decide what matters most? This episode tackles the core challenge of security prioritization. Geet Pradhan, Senior Security Engineer at Lime joins the podcast to share his framework for building a SecOps plan when you're a small team. Learn why his team made AWS logs their number one priority , how to leverage compliance requirements to guide your strategy , and why he advises starting with a small list of 1-5 critical applications instead of 35. Tune in for a conversation about strategic security for the modern cloud environment.Guest Socials - Geet's Linkedin Podcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-Cloud Security Podcast- Youtube- Cloud Security Newsletter - Cloud Security BootCampIf you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity PodcastQuestions asked:(00:00) Introduction(00:32) Meet Geet Pradhan: Senior Security Engineer at Lime(01:17) What is Detection & Response in 2025?(04:35) Defining the Cloud Detection & Response Pipeline(09:42) Why SIEM-Only Alerts Don't Work for Remote Teams(12:02) How to Choose Your First Log Sources(17:00) Building Security Culture: How to Not Be "The Police"(22:45) Where to Find Pre-Built Detection Rules & Alerts(28:38) On-Prem vs. Cloud: Why The Threat Model Is Different(36:53) Fun QuestionsResources spoken about during the interview:Geet's BSides SF TalkNate Lee - Power of Persuasion
In many organizations, security exception management is a manual process, often treated as a simple compliance checkbox. While necessary, this approach can lead to unmonitored configurations that drift from their approved state, creating inconsistencies in an organization's security posture over time. How can teams evolve this process to support modern development without compromising on security?In this episode, Ashish Rajan sits down with security expert Santosh Bompally, Cloud Security Engineering Team Lead at Humana to discuss a practical framework for automating exception management. Drawing on his journey from a young tech enthusiast to a security leader at Humana, Santosh explains how to transform this process from a manual task into a scalable, continuously monitored system that enables developer velocity.Learn how to build a robust program from the ground up, starting with establishing a security baseline and leveraging policy-as-code, certified components, and continuous monitoring to create a consistent and secure cloud environment.Guest Socials - Santosh's LinkedinPodcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-Cloud Security Podcast- Youtube- Cloud Security Newsletter - Cloud Security BootCampIf you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity PodcastQuestions asked:(00:00) Introduction(00:39) From Young Hacker to Cybersecurity Pro(02:14) The "Tick Box" Problem with Exception Management(03:17) Exposing Your Threat Landscape: The Risk of Not Automating(05:43) Where Do You Even Start? The First Steps(08:26) VMs vs Containers vs Serverless: Is It Different?(11:15) Building Your Program: Start with a Security Baseline(14:44) What Standard to Follow? (CIS, PCI, HIPAA)(17:20) The Lifecycle of a Control: When Should You Retire One?(19:42) The 3 Levels of Security Automation Maturity(23:25) Do You Need to Be a Coder for GRC Automation?(26:16) Fun Questions: Home Automation, Family & Food
In this episode, Ashish Rajan talks with Harry Wetherald, Co-Founder & CEO of Maze, about the reality of modern vulnerability management. They explore why current tools like CNAPPs can generate up to 90% false positives and how AI agents can provide a real solution by thinking like a security engineer to identify genuine, exploitable threats. Learn about the challenges of building your own AI solutions and how this new approach can eliminate noise and build trust between security and engineering teamGuest Socials - Harry's Linkedin Podcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-Cloud Security Podcast- Youtube- Cloud Security Newsletter - Cloud Security BootCampIf you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity PodcastQuestions asked:(00:00) Introduction(02:27) Who is Harry Wetherald?(04:45) The "Wall of Red": Why Security Tools Create 90% False Positives(06:21) The Mission: Solving Vulnerability Overload with AI(10:11) How an AI Agent Investigates a Vulnerability(16:09) The Hard Reality of Building Your Own AI Solution(18:14) Building for a Future of Evolving AI Models(20:00) What is the Role of an MCP (AI Copilot)?(27:31) Building AI Agents for Cloud Security(31:25) "Think Like a Hacker": Asking AI to Red Team Your Cloud(33:04) How AI Will Shape Security Programs in 2025 & Beyond(36:20) Fun Questions with HarryThank you Maze for sponsoring this episode.
AI is reshaping cybersecurity as we know it. From sophisticated AI-driven phishing attacks to the amplified risk of insider threats using tools like Copilot, the landscape is shifting at an unprecedented pace. How can security leaders and practitioners adapt?Join Ashish Rajan and Matthew Radolec (Varonis) as they explore the critical challenges and opportunities AI presents. Learn why 86% of attacks involve credential misuse and how AI agents are making it easier than ever for non-technical insiders to exfiltrate data.In this episode, you'll learn about:The "Blast Radius": How AI tools can dramatically increase data exposure.From "Breaking In" to "Logging In": The dominance of credential-based attacks.AI-Powered Social Engineering: The rise of "conversational bait".Copilot Use Cases & "Aha!" MomentsData Integrity in AI: The critical, overlooked pillar of AI security.The Enduring Importance of Access Management in an AI World.Transforming Security Operations: AI for incident response, playbooks, and forensics.Guest Socials - Matt's Linkedin Podcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-Cloud Security Podcast- Youtube- Cloud Security Newsletter - Cloud Security BootCampIf you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity PodcastQuestions asked:(00:00) Introduction(01:57) New Threat Landscape in Cloud & AI(08:08) Use cases for regulated industries(10:03) Impact of Agentic AI in the cybersecurity space(12:22) Blind spots of going into AI(18:06) Shared responsibility for LLM providers(20:56) Lifting up security programs for AI(27:82) How is incident response changing with AI?(29:30) Cybersecurity areas that will be most impacted by AI(34:43) The Fun SectionThank you to our episode sponsor Varonis
Is Artificial Intelligence the ultimate security dragon, we need to slay, or a powerful ally we must train? Recorded LIVE at BSidesSF, this special episode dives headfirst into the most pressing debates around AI security.Join host Ashish Rajan as he navigates the complex landscape of AI threats and opportunities with two leading experts:Jackie Bow (Anthropic): Championing the "How to Train Your Dragon" approach, Jackie reveals how we can leverage AI, and even its 'hallucinations,' for advanced threat detection, response, and creative security solutions.Kane Narraway (Canva): Taking the "Knight/Wizard" stance, Kane illuminates the critical challenges in securing AI systems, understanding the new layers of risk, and the complexities of AI threat modeling.🔥 In this episode, we tackle the tough questions:Is the hype around past 'AI-powered' security justified, or was it "hot garbage"?How can you build effective threat models when AI introduces new, complex failure points?What are the real risks and challenges when implementing AI in production?Can AI tools like 'vibe coding' democratize security, or do they risk deskilling professionals?How can defenders possibly keep pace with AI-driven attacks without fully embracing AI themselves?Exploring the future of AI in both offensive and defensive cybersecurity.Guest Socials - Jackie's Linkedin + Kane's Linkedin Podcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-Cloud Security Podcast- Youtube- Cloud Security Newsletter - Cloud Security BootCampIf you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity PodcastQuestions asked:(00:00) Intro: Slaying or Training the AI Dragon at BSidesSF?(03:15) Meet Jackie Bow (Anthropic): Training AI for Security Defense(03:41) Meet Kane Narraway (Canva): Securing AI Systems & Facing Risks(04:51) Was Traditional Security Ops "Hot Garbage"? Setting the Scene(06:32) The Real Risks: What AI Brings to Your Organisation(07:27) AI in Action: Leveraging AI for Threat Detection & Response(08:37) AI Hallucinations: Bug, Feature, or Security Blind Spot?(09:54) Threat Modeling AI: The Core Challenges & Learnings (13:29) Getting Started: Practical AI Threat Detection First Steps(17:56) AI & Cloud: Integrating AI into Your Existing Environments(25:38) AI vs. Traditional: Is Threat Modeling Different Now?(29:52) Your First Step: Where to Begin with AI Threat Modeling?(33:17) Fun Questions & Final Thoughts on the Future of AI Security
As Artificial Intelligence reshapes our world, understanding the new threat landscape and how to secure AI-driven systems is more crucial than ever. We spoke to Ankur Shah, Co-Founder and CEO of Straiker about navigating this rapidly evolving frontier.In this episode, we unpack the complexities of securing AI, from the fundamental shifts in application architecture to the emerging attack vectors. Discover why Ankur believes "you can only secure AI with AI" and how organizations can prepare for a future where "your imagination is the new limit," but so too are the potential vulnerabilities.Guest Socials - Ankur's LinkedinPodcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-Cloud Security Podcast- Youtube- Cloud Security Newsletter - Cloud Security BootCampIf you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity PodcastQuestions asked:(00:00) Introduction(00:30) Meet Ankur Shah (CEO, Straiker)(01:54) Current AI Deployments in Organizations (Copilots & Agents)(04:48) AI vs. Traditional Security: Why Old Methods Fail for AI Apps(07:07) AI Application Types: Native, Immigrant & Explorer Explained(10:49) AI's Impact on the Evolving Cyber Threat Landscape(17:34) Ankur Shah on Core AI Security Principles (Visibility, Governance, Guardrails)(22:26) The AI Security Vendor Landscape (Acquisitions & Startups)(24:20) Current AI Security Practices in Organizations: What's Working?(25:42) AI Security & Hyperscalers (AWS, Azure, Google Cloud): Pros & Cons(26:56) What is AI Inference? Explained for Cybersecurity Pros(33:51) Overlooked AI Attack Surfaces: Hidden Risks in AI Security(35:12) How to Uplift Your Security Program for AI(37:47) Rapid Fire: Fun Questions with Ankur ShahThank you to this episode's sponsor - Straiker.ai
The world of cloud security is evolving at breakneck speed. Are traditional tools and strategies enough to combat the sophisticated threats of tomorrow? In this episode, we're joined by Elad Koren, Vice President of Product Management from Palo Alto Networks, to explore the dynamic journey of cloud security.Elad shares his insights on how the landscape has shifted, moving beyond the era of CSPM and CNAPP as standalone solutions. We delve into why a cloud-aware Security Operations Center (SOC) is no longer a luxury but a necessity, and what "runtime security" truly means in today's complex, multi-cloud environments.The conversation also tackles the double-edged sword of Artificial Intelligence, how it’s empowering both attackers with new capabilities and defenders with advanced tools. Elad discusses the critical considerations for organizations undergoing digital transformation, the importance of AI governance, and provides actionable advice for companies at all stages of their cloud adoption journey, from securing code from day one to building holistic visibility across their entire infrastructure.Guest Socials - Elad's Linkedin Podcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-Cloud Security Podcast- Youtube- Cloud Security Newsletter - Cloud Security BootCampIf you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity PodcastQuestions asked:(00:00) Introduction(01:38) How has Cloud Security Evolved?(04:21) Why CNAPP is not enough anymore?(07:13) What is runtime security?(07:54) Impact of AI on Cloud Security(11:41) What to include in your cybersecurity program in 2025?(16:47) The Fun SectionThank you to this episode's sponsor - PaloAlto Networks Resources discussed during the episode:PaloAlto Networks RSAC Announcement 1PaloAlto Networks RSAC Announcement 2
Dive deep into the key takeaways from RSA Conference 2025 with our expert panel! Join Ashish Rajan, James Berthoty, Chris Hughes, Tanya Janca, and Francis Odum as they dissect the biggest trends, surprises, and "hot takes" from one of the world's largest cybersecurity events.In this episode, we cover:Initial reactions and the sheer scale of RSA Conference 2025.Major themes: AI's impact on cybersecurity, especially AppSec, vendor consolidation, the evolution of runtime security, and more.The rise of AI-native applications and how they're reshaping the landscape.Deep dives into Application Security (AppSec), secure coding with AI, and the future of vulnerability management.Understanding runtime security beyond DAST and its critical role.Unexpected insights and surprising takeaways from the conference floor.Guests include:Chris Hughes – CEO at Aquia & host of Resilient CyberJames Berthoty – Cloud and AppSec engineer, known for sharp vendor analysis and engineering-first content and Latio TechTanya Janca – Founder of She Hacks PurpleFrancis Odum – Founder of Software Analyst Cyber ResearchPodcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-Cloud Security Podcast- Youtube- Cloud Security Newsletter - Cloud Security BootCampIf you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity PodcastQuestions asked:(00:00) Introduction: Unpacking the RSA Conference 2025(02:20) Meet the Experts: Panelist Introductions(03:39) RSAC First Impressions: Scale, Excitement & Attendee Numbers(07:52) Top Themes from RSA Conference 2025(16:01) AI's Evolution: Native Applications & AppSec's Transformation(33:30) Demystifying Runtime Security (Beyond DAST)(40:23) RSA Surprises & Unexpected Takeaways
Magno Logan
Great podcast about Cloud Security! Highly recommend it! Ashish is the best!
Mohammed Saqeeb
Thank you so much for amazing resources, will keep a look on it always!
Ashish Rajan
The podcast has finished recording 50 episodes so far with guests from Netflix, Capital One, Hashicorp on how they do security in cloud, definitely worth checking out. FULL DISCLOSURE: I'm the host of the podcast and each month we pick a review to be featured on the podcast website (www.cloudsecuritypodcast.tv). Make sure you leave a review to be featured.