Transparency in Cloud Security with Gafnit Amiga
Today Corey talks with Gafnit Amiga, Director of Security Research at Lightspin. Gafnit begins by talking about the wave-making blogpost she released this year that exposed a vulnerability she had discovered in RDS, an Amazon database service. Corey and G
Audio is streamed directly from the publisher (dts.podtrac.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Full Description / Show Notes
- Gafnit explains how she found a vulnerability in RDS, an Amazon database service (1:40)
- Gafnit and Corey discuss the concept of not being able to win in cloud security (7:20)
- Gafnit talks about transparency around security breaches (11:02)
- Corey and Gafnit discuss effectively communicating with customers about security (13:00)
- Gafnit answers the question “Did you come at the RDS vulnerability exploration from a perspective of being deeper on the Postgres side or deeper on the AWS side? (18:10)
- Corey and Gafnit talk about the risk of taking a pre-existing open source solution and offering it as a managed service (19:07)
- Security measures in cloud-native approaches versus cloud-hosted (22:41)
- Gafnit and Corey discuss the security community (25:04)
About Gafnit
Gafnit Amiga is the Director of Security Research at Lightspin. Gafnit has 7 years of experience in Application Security and Cloud Security Research. Gafnit leads the Security Research Group at Lightspin, focused on developing new methods to conduct research for new cloud native services and Kubernetes. Previously, Gafnit was a lead product security engineer at Salesforce focused on their core platform and a security researcher at GE Digital. Gafnit holds a Bs.c in Computer Science from IDC Herzliya and a student for Ms.c in Data Science.
Links Referenced:
- Lightspin: https://www.lightspin.io/
- Twitter: https://twitter.com/gafnitav
- LinkedIn: https://www.linkedin.com/in/gafnit-amiga-b1357b125/