Season 1 · Episode 69
EP69 Cloud Threats and How to Observe Them
Cloud Security Podcast by Google · Anton A Chuvakin
June 13, 202229m 40s
Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Guest:
- James Condon, Director of Security Research @ Lacework
Topics:
- What are realistic and actually observed cloud threats today? How did you observe them at Lacework?
- Cloud threats: are they on-premise style threats to cloud assets? We hate the line "cloud is just somebody else's computer" but apparently threats actors seem to think so?
- What is the 2nd most dangerous cloud issue after configuration mistakes?
- Why is it so common for organizations to have insecure configurations in their cloud environments?
- Give me a few examples of the most common mistakes organizations make, and what they can do to avoid those configurations.
- Cloud malware and ransomware / RansomOps, are these real risks today?
- Are we finally seeing the rise of Linux malware at scale (in the cloud)?
- As multi cloud expands in popularity, what are threat actors doing in this area?
- Are actors customizing their attacks on a per-cloud basis (AWS, GCP, Azure)?
Resources: