PLAY PODCASTS
EP32 Can You Ever Know Thyself: Cloud Attack Surface Management
Season 1 · Episode 32

EP32 Can You Ever Know Thyself: Cloud Attack Surface Management

Cloud Security Podcast by Google · Anton A Chuvakin

September 20, 202123m 39s

Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.

Original episode page

Show Notes

Guest:

Topics:

  • Attack Surface Management (ASM). Why do we need a new toolset and a new category? Isn't this just 1980s asset management or CMDB?
  • How do we find those assets that may have been misplaced by the organizations? How can any technology do this reliably?
  • ASM seems to often rely on network layer 3 and 4. Can't bad guys just hit the app endpoints and all your network is irrelevant then?
  • When you think about the threats organizations face due to unknown assets, is data theft at the top of the stack? What should organizations keep in mind as a priority here?
  • Who at an organization is best set up to receive, triage, investigate, and respond to the alerts about the attack surface?
  • Are there proactive steps organizations can take to prevent shadow IT, or are we stuck responding to each new signal? Isn't preventing new assets the same as preventing business?

Resources:

← All episodes of Cloud Security Podcast by Google