What are the practical steps for orienting yourself in a new cloud environment? Ashish sat down with Rich Mogull and Chris Farris to explore the intricacies of effective cloud security strategies. Drawing on their extensive experience, Rich and Chris speak about critical importance of moving beyond just addressing vulnerabilities and embracing a more comprehensive approach to cloud security.Rich and Chris share their professional experiences and practical advice for anyone who finds themselves "airdropped" into an organization's cloud environment. They also discuss the development of the Universal Threat Actor Model and how it can help prioritize security efforts in a chaotic landscape of constant alerts and threats.

Questions asked:
00:00 Introduction
02:26 A bit about Chris Farris
03:10 A bit about Rich Mogull
03:45 First Cloud Service they worked on!
06:27 Where to start in an AWS environment?
10:50 Cloud Security Threat Landscape
15:25 Navigating through the CSPM findings
18:14 Using the Universal Cloud Threat Model
23:16 How is Cloud Ransomware different?
25:44 Surprising attacks or compromises in Cloud
29:43 Where are the CSPM Alerts going?
36:30 Cloud Security Landscape in 2024
45:37 The need for Cloud Security training in 2024
46:58 Good starting point to learn Cloud Security
52:13 The Fun Section

Resources spoken about during the episode:
The Universal Cloud Threat Model⁠ - [ Ссылка ]
AWS Customer Security Incidents by Rami McCarthy⁠ - [ Ссылка ]
⁠Breaches.cloud⁠- [ Ссылка ]
CloudSLAW⁠ - [ Ссылка ]
Cloud Security Bootcamp - [ Ссылка ]
--------------------------------------------------------------------------------
📱Cloud Security Podcast Social Media📱
_____________________________________
Twitter: [ Ссылка ]
Facebook: [ Ссылка ]
LinkedIn: [ Ссылка ]
Website: [ Ссылка ]

#cloudsecurity #threatmodeling #awssecurity

свернуть