EP148 Decoding SaaS Security: Demystifying Breaches, Vulnerabilities, and Vendor Responsibilities
Cloud Security Podcast by Google · Anton A Chuvakin
Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Guest:
-
Adrian Sanabria, Director of Valence Threat Labs at Valence Security, ex-analyst
Topics:
-
When people talk about "cloud security" they often forget SaaS, what should be the structured approach to using SaaS securely or securing SaaS?
-
What are the incidents telling us about the realistic threats to SaaS tools?
-
Is the Microsoft 365 breach a SaaS breach, a cloud breach or something else?
-
Do we really need CVEs for SaaS vulnerabilities?
-
What are the least understood aspects of securing SaaS?
-
What do you tell the organizations who assume that "SaaS vendor takes care of all SaaS security"?
-
Isn't CASB the answer to all SaaS security issues? We also have SSPM now too? Do we really need more tools?
Resources: