Season 1 · Episode 76
EP76 Powering Secure SaaS … But Not with CASB? Cloud Detection and Response?
Cloud Security Podcast by Google · Anton A Chuvakin
July 25, 202230m 16s
Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Guest:
- Ben Johnson, CTO/co-founder @ Obsidian Security
Topics:
- Why is there so much attention lately on SaaS security? Doesn't this area date back to 2015 or so?
- What do you see as the primary challenges in securing SaaS?
- What does a SaaS threat model look like? What are the top threats you see?
- CASB has been the fastest growing security market and it has grown into a broad platform and many assume that "securing SaaS = using CASB", what are they missing?
- Where would another technology to secure SaaS fit architecturally, inline with CASB or as another API-based system?
- Securing IaaS spanned a robust ecosystem of vendors (CWPP, CSPM, now CNAPP) and many of these have ambitions for securing SaaS, thus clashing with CASB. Where do you fit in this battle?
- For a while, you were talking more about CDR - what is it and do we really need a separate CDR technology?
Resources: