Cloud Security Podcast by Google

By Anton Chuvakin

Listen to a podcast, please open Podcast Republic app. Available on Google Play Store and Apple App Store.

Image by Anton Chuvakin

Category: Technology

Open in Apple Podcasts


Open RSS feed


Open Website


Rate for this podcast

Subscribers: 67
Reviews: 0
Episodes: 206

Description

Cloud Security Podcast by Google focuses on security in the cloud, delivering security from the cloud, and all things at the intersection of security and cloud. Of course, we will also cover what we are doing in Google Cloud to help keep our users' data safe and workloads secure. We’re going to do our best to avoid security theater, and cut to the heart of real security questions and issues. Expect us to question threat models and ask if something is done for the data subject’s benefit or just for organizational benefit. We hope you’ll join us if you’re interested in where technology overlaps with process and bumps up against organizational design. We’re hoping to attract listeners who are happy to hear conventional wisdom questioned, and who are curious about what lessons we can and can’t keep as the world moves from on-premises computing to cloud computing.

Episode Date
EP204 Beyond PCAST: Phil Venables on the Future of Resilience and Leading Indicators
Dec 23, 2024
EP203 Cloud Shared Responsibility: Beyond the Blame Game with Rich Mogull
Dec 16, 2024
EP202 Beyond Tiered SOCs: Detection as Code and the Rise of Response Engineering
Dec 09, 2024
EP201 Every CTO Should Be a CSTO (Or Else!) - Transformation Lessons from The Hoff
Dec 02, 2024
EP200 Zero Touch Prod, Security Rings, and Foundational Services: How Google Does Workload Security
Nov 25, 2024
EP199 Your Cloud IAM Top Pet Peeves (and How to Fix Them)
Nov 18, 2024
EP198 GenAI Security: Unseen Attack Surfaces & AI Pentesting Lessons
Nov 11, 2024
EP197 SIEM (Decoupled or Not), and Security Data Lakes: A Google SecOps Perspective
Nov 04, 2024
EP196 AI+TI: What Happens When Two Intelligences Meet?
Oct 28, 2024
EP195 Containers vs. VMs: The Security Showdown!
Oct 21, 2024
EP194 Deep Dive into ADR - Application Detection and Response
Oct 14, 2024
EP193 Inherited a Cloud? Now What? How Do I Secure It?
Oct 07, 2024
EP192 Confidential + AI: Can AI Keep a Secret?
Sep 30, 2024
EP191 Why Aren't More Defenders Winning? Defender’s Advantage and How to Gain it!
Sep 23, 2024
EP190 Unraveling the Security Data Fabric: Need, Benefits, and Futures
Sep 16, 2024
EP189 How Google Does Security Programs at Scale: CISO Insights
Sep 09, 2024
EP188 Beyond the Buzzwords: Identity's True Role in Cloud and SaaS Security
Sep 02, 2024
EP187 Conquering SOC Challenges: Leadership, Burnout, and the SIEM Evolution
Aug 26, 2024
EP186 Cloud Security Tools: Trust the Cloud Provider or Go Third-Party? An Epic Debate, Anton vs Tim
Aug 19, 2024
EP185 SAIF-powered Collaboration to Secure AI: CoSAI and Why It Matters to You
Aug 12, 2024
EP184 One Week SIEM Migration: Fact or Fiction?
Aug 05, 2024
EP183 Cloud Security Journeys: Improve, Evolve, Transform with Cloud Customers
Jul 29, 2024
EP182 ITDR: The Missing Piece in Your Security Puzzle or Yet Another Tool to Buy?
Jul 22, 2024
EP181 Detection Engineering Deep Dive: From Career Paths to Scaling SOC Teams
Jul 15, 2024
EP180 SOC Crossroads: Optimization vs Transformation - Two Paths for Security Operations Center
Jul 08, 2024
EP179 Teamwork Under Stress: Expedition Behavior in Cybersecurity Incident Response
Jul 01, 2024
EP178 Meet Brandon Wood: The Human Side of Threat Intelligence: From Bad IP to Trafficking Busts
Jun 24, 2024
EP177 Cloud Incident Confessions: Top 5 Mistakes Leading to Breaches from Mandiant
Jun 17, 2024
EP176 Google on Google Cloud: How Google Secures Its Own Cloud Use
Jun 10, 2024
EP175 Meet Crystal Lister: From Public Sector to Google Cloud Security and Threat Horizons
Jun 03, 2024
EP174 How to Measure and Improve Your Cloud Incident Response Readiness: A New Framework
May 27, 2024
EP173 SAIF in Focus: 5 AI Security Risks and SAIF Mitigations
May 20, 2024
EP172 RSA 2024: Separating AI Signal from Noise, SecOps Evolves, XDR Declines?
May 13, 2024
EP171 GenAI in the Wrong Hands: Unmasking the Threat of Malicious AI and Defending Against the Dark Side
May 06, 2024
EP170 Redefining Security Operations: Practical Applications of GenAI in the SOC
Apr 29, 2024
EP169 Google Cloud Next 2024 Recap: Is Cloud an Island, So Much AI, Bots in SecOps
Apr 22, 2024
EP168 Beyond Regular LLMs: How SecLM Enhances Security and What Teams Can Do With It
Apr 15, 2024
EP167 Stolen Cards and Fake Accounts: Defending Google Cloud Against Abuse
Apr 08, 2024
EP166 Workload Identity, Zero Trust and SPIFFE (Also Turtles!)
Apr 01, 2024
EP165 Your Cloud Is Not a Pet - Decoding 'Shifting Left' for Cloud Security
Mar 25, 2024
EP164 Quantum Computing: Understanding the (very serious) Threat and Post-Quantum Cryptography
Mar 18, 2024
EP163 Cloud Security Megatrends: Myths, Realities, Contentious Debates and Of Course AI
Mar 11, 2024
EP162 IAM in the Cloud: What it Means to Do It 'Right' with Kat Traxler
Mar 04, 2024
EP161 Cloud Compliance: A Lawyer - Turned Technologist! - Perspective on Navigating the Cloud
Feb 26, 2024
EP160 Don't Cloud Your Judgement: Security and Cloud Migration, Again!
Feb 19, 2024
EP159 Workspace Security: Built for the Modern Threat. But How?
Feb 12, 2024
EP158 Ghostbusters for the Cloud: Who You Gonna Call for Cloud Forensics
Feb 05, 2024
EP157 Decoding CDR & CIRA: What Happens When SecOps Meets Cloud
Jan 29, 2024
EP156 Living Off the Land and Attacking Critical Infrastructure: Mandiant Incident Deep Dive
Jan 22, 2024
EP155 Cyber, Geopolitics, AI, Cloud - All in One Book?
Jan 15, 2024
EP154 Mike Schiffman: from Blueboxing to LLMs via Network Security at Google
Jan 08, 2024
EP153 Kevin Mandia on Cloud Breaches: New Threat Actors, Old Mistakes, and Lessons for All
Dec 18, 2023
EP152 Trust, Security and Google's Annual Transparency Report
Dec 11, 2023
EP151 Cyber Insurance in the Cloud Era: Balancing Protection, Data and Risks
Dec 04, 2023
EP150 Taming the AI Beast: Threat Modeling for Modern AI Systems with Gary McGraw
Nov 27, 2023
EP149 Canned Detections: From Educational Samples to Production-Ready Code
Nov 20, 2023
EP148 Decoding SaaS Security: Demystifying Breaches, Vulnerabilities, and Vendor Responsibilities
Nov 12, 2023
EP147 Special: 2024 Google Cloud Security Forecast Report
Nov 08, 2023
EP146 AI Security: Solving the Problems of the AI Era: A VC's Insights
Nov 05, 2023
EP145 Cloud Security: Shared Responsibility, Shared Fate, Shared Faith?
Oct 29, 2023
EP144 LLMs: A Double-Edged Sword for Cloud Security? Weighing the Benefits and Risks of Large Language Models
Oct 23, 2023
EP143 Cloud Security Remediation: The Biggest Headache?
Oct 16, 2023
EP142 Cloud Security Podcast Ask Me Anything #AMA 2023
Oct 09, 2023
EP141 Cloud Security Coast to Coast: From 2015 to 2023, What's Changed and What's the Same?
Oct 02, 2023
EP140 System Hardening at Google Scale: New Challenges, New Solutions
Sep 25, 2023
EP139 What is Chronicle? Beyond XDR and into the Next Generation of Security Operations
Sep 18, 2023
EP138 Terraform for Security Teams: How to Use IaC to Secure the Cloud
Sep 11, 2023
EP137 Next 2023 Special: Conference Recap - AI, Cloud, Security, Magical Hallway Conversations
Sep 05, 2023
EP136 Next 2023 Special: Building AI-powered Security Tools - How We Do It?
Aug 28, 2023
EP135 AI and Security: The Good, the Bad, and the Magical
Aug 21, 2023
EP134 How to Prioritize UX and Security in the Cloud: UX as a Security Capability
Aug 14, 2023
EP133 The Shared Problem of Alerting: More SRE Lessons for Security
Aug 07, 2023
EP132 Chaos Engineering for Security: How to Improve Software Resilience with Kelly Shortridge
Jul 31, 2023
EP131 A Deep Dive into Google's Assured OSS: How Google Secures the Software You Use
Jul 24, 2023
EP130 Cloud is Secure: Are you Using It Securely - True or False?
Jul 17, 2023
EP129 How CISO Cloud Dreams and Realities Collide
Jul 10, 2023
EP128 Building Enterprise Threat Intelligence: The Who, What, Where, and Why
Jul 03, 2023
EP127 Is IAM Really Fun and How to Stay Ahead of the Curve in Cloud IAM?
Jun 26, 2023
EP126 What is Policy as Code and How Can It Help You Secure Your Cloud Environment?
Jun 19, 2023
EP125 Will SIEM Ever Die: SIEM Lessons from the Past for the Future
Jun 12, 2023
EP124 Safe Browsing: Lessons from How Google Secures Five Billion Devices at Low False Positive Rates
Jun 05, 2023
EP123 The Good, the Bad, and the Epic of Threat Detection at Scale with Panther
May 29, 2023
EP122 Firewalls in the Cloud: How to Implement Trust Boundaries for Access Control
May 22, 2023
EP121 What Happens Here Stays Here: Confidential City (and Space)
May 15, 2023
EP120 Building Secure Cloud and Building Security Products: Finding the Balance
May 08, 2023
EP119 RSA 2023 - What We Saw, What We Learned, and What We're Excited About
May 01, 2023
EP118 RSA 2023 - How to Protect Your Organization from Cyberattacks in a Time of Political Turmoil
Apr 24, 2023
EP117 Can a Small Team Adopt an Engineering-Centric Approach to Cybersecurity?
Apr 17, 2023
EP116 SBOMs: A Step Towards a More Secure Software Supply Chain
Apr 10, 2023
EP115 How to Approach Cloud in a Cloudy Way, not As Somebody Else’s Computer?
Apr 03, 2023
EP114 Minimal Viable Secure Product (MVSP) - Is That a Thing?
Mar 27, 2023
EP113 Love it or Hate it, Network Security is Coming to the Cloud
Mar 20, 2023
EP112 Threat Horizons - How Google Does Threat Intelligence
Mar 13, 2023
EP111 How to Solve the Mystery of Application Security in the Cloud?
Mar 06, 2023
EP110 Detection and Response in a High Velocity and High Complexity Environment
Feb 27, 2023
EP109 How Google Does Vulnerability Management: The Not So Secret Secrets!
Feb 20, 2023
EP108 How to Hunt the Cloud: Lessons and Experiences from Years of Threat Hunting
Feb 13, 2023
EP 107 How Google Secures It's Google Cloud Usage at Massive Scale
Feb 06, 2023
EP106 Beyond BeyondProd - How Do You Zero Trust Your Workloads?
Jan 30, 2023
EP105 Security Architect View: Cloud Migration Successes, Failures and Lessons
Jan 23, 2023
EP104 CISO Walks Into the Cloud: And The Magic Starts to Happen!
Jan 16, 2023
EP103 Security Incident Response and Public Cloud - Exploring with Mandiant
Jan 09, 2023
EP102 Sunil Potti on Building Cloud Security at Google
Dec 19, 2022
EP101 Cloud Threat Detection Lessons from a CISO
Dec 12, 2022
EP100 2022 Accelerate State of DevOps Report and Software Supply Chain Security
Dec 05, 2022
EP99 Google Workspace Security: from Threats to Zero Trust
Nov 28, 2022
EP98 How to Cloud IR or Why Attackers Become Cloud Native Faster?
Nov 21, 2022
Special: Coordinated Release of Detection Rules for CobaltStike Abuse
Nov 17, 2022
EP96 Cloud Security Observability for Detection and Response
Nov 14, 2022
EP95 Cloud Security Talks Panel: Cloud Threats and Incidents
Nov 07, 2022
EP94 Meet Cloud Security Acronyms with Anna Belak
Oct 31, 2022
EP93 CISO Walks Into the Cloud: Frustrations, Successes, Lessons ... And Is My Data Secure?
Oct 24, 2022
Special: Sharing The Mic In Cyber with STMIC Hosts Lauren and Christina: Representation, Psychological Safety, Security
Oct 21, 2022
EP91 “Hacking Google”, Op Aurora and Insider Threat at Google
Oct 17, 2022
Next 2022 Google Cybersecurity Action Team: One Year Later!
Oct 13, 2022
Next 2022 Can We Escape Ransomware by Migrating to the Cloud?
Oct 12, 2022
Next 2022 Improving Browser Security in the New Era of Work
Oct 11, 2022
Next 2022 Log4j Reflections, Software Dependencies and Open Source Security
Oct 10, 2022
EP86 How to Apply Lessons from Virtualization Transition to Make Cloud Transformation Better
Oct 04, 2022
EP85 Deploy Security Capabilities at Scale: SRE Explains How
Sep 26, 2022
EP84 How to Secure Artificial Intelligence (AI): Threats, Approaches, Lessons So Far
Sep 19, 2022
EP83 What Does reCAPTCHA Actually Do and How Does It Do it? Product Manager Explains
Sep 12, 2022
EP82 Mega-confused by XDR? You Are Not Alone! This XDR Skeptic Clarifies!
Sep 05, 2022
EP81 Demystify Data Sovereignty and Sovereign Cloud Secrets at Google Cloud
Aug 29, 2022
EP80 CISO Walks Into the Cloud: Frustrations, Successes, Lessons ... And Does the Risk Change?
Aug 22, 2022
EP79 Modernize Data Security with Autonomic Data Security Approach
Aug 15, 2022
EP78 Classic SOC Meets Cloud: What Changes? What Stays the Same?
Aug 08, 2022
EP77 Operational Realities of SOAR: Automate and/or Enrich, Playbooks, Magic
Aug 01, 2022
EP76 Powering Secure SaaS … But Not with CASB? Cloud Detection and Response?
Jul 25, 2022
EP75 How We Scale Detection and Response at Google: Automation, Metrics, Toil
Jul 18, 2022
EP74 Who Will Solve Cloud Security: A View from Google Investment Side
Jul 11, 2022
EP73 Your SOC Is Dead? Evolve to Output-driven Detect and Respond!
Jul 05, 2022
EP72 What Does Good Detection and Response Look Like in the Cloud? Insights from Expel MDR
Jun 27, 2022
EP71 Attacking Google to Defend Google: How Google Does Red Team
Jun 21, 2022
EP70 Special - RSA 2022 Reflections - Securing the Past vs Securing the Future
Jun 16, 2022
EP69 Cloud Threats and How to Observe Them
Jun 13, 2022
EP68 How We Attack AI? Learn More at Our RSA Panel!
Jun 06, 2022
EP67 Cyber Defense Matrix and Does Cloud Security Have to DIE to Win?
May 31, 2022
EP66 Is This Binary Legit? How Google Uses Binary Authorization and Code Provenance
May 23, 2022
EP65 Is Your Healthcare Security Healthy? Mandiant Incident Response Insights
May 16, 2022
EP64 Security Operations Center: The People Side and How to Do it Right
May 09, 2022
EP63 State of Autonomic Security Operations: Are There Sharks in Your SOC?
May 02, 2022
EP62 Protect Modern Applications in the Cloud: Union of APIs and Application Security
Apr 25, 2022
EP61 Anniversary Episode - What Did We Learn So Far on Cloud Security Podcast?
Apr 18, 2022
EP60 Impersonating Service Accounts in GCP and Beyond: Cloud Security Is About IAM?
Apr 11, 2022
EP59 Zero Trust: So Easy Even a Government Can Do It?
Apr 04, 2022
EP0 New Audio Trailer: Cloud Security Podcast by Google
Mar 28, 2022
EP58 SOC is Not Dead: How to Grow and Develop Your SOC for Cloud and Beyond
Mar 28, 2022
EP57 Stop Zero Days, Save the World: Project Zero's Maddie Stone Speaks
Mar 21, 2022
EP56 Rebuilding vs Forklifting and How to Secure a Data Warehouse in the Cloud
Mar 14, 2022
EP55 The Magic of Cloud Migration: Learn Security Lessons from the Field
Mar 07, 2022
EP54 Container Security: The Past or The Future?
Feb 28, 2022
EP53 Seven Years of SOAR: What's Next?
Feb 22, 2022
EP52 Securing AI with DeepMind CISO
Feb 14, 2022
EP51 Policy Intelligence: More Fun and Useful than it Sounds!
Feb 07, 2022
EP50 The Epic Battle: Machine Learning vs Millions of Malicious Documents
Jan 31, 2022
EP49 Lifesaving Tradeoffs: CISO Considerations in moving Healthcare to Cloud
Jan 24, 2022
EP48 Confidentially Speaking 2: Cloudful of Secrets
Jan 18, 2022
EP47 Megatrends, Macro-changes, Microservices, Oh My! Changes in 2022 and Beyond in Cloud Security
Jan 11, 2022
EP46 Products and Solutions: Helping Our Customers Precipitate Change
Dec 06, 2021
EP45 VirusTotal Insights on Ransomware Business and Technology
Nov 29, 2021
EP44 Evolving a SIEM for the Future While Learning from the Past
Nov 22, 2021
EP43 Automation as Paved Roads in Cloud Enablement
Nov 15, 2021
EP42 Missing Diversity Hurts Your Security
Nov 08, 2021
EP41 Beyond Phishing: Email Security Isn't Solved
Nov 01, 2021
EP40 2021: Phishing is Solved?
Oct 25, 2021
EP40 2021: Phishing is Solved?
Oct 25, 2021
EP39 From False Positives to Karl Popper: Rationalizing Cloud Threat Detection
Oct 18, 2021
NEXT Special - 6 Cloud Security PMs (and a Developer Advocate!) Walk into a Studio
Oct 14, 2021
NEXT Special - Google Cybersecurity Action Team: What's the Story?
Oct 13, 2021
NEXT Special - Cloud Security and DEI: Being an Ally!
Oct 12, 2021
NEXT Special - Google Cloud NEXT Security: What to Watch?
Oct 11, 2021
EP34 Instrumenting Modern Application Stack for Detection and Response
Oct 04, 2021
EP33 Cloud Migrations: Security Perspectives from The Field
Sep 27, 2021
EP32 Can You Ever Know Thyself: Cloud Attack Surface Management
Sep 20, 2021
EP31 Cloud Certifications, and Cloud Security with TheCertsGuy
Sep 13, 2021
EP30 Malware Hunting with VirusTotal
Sep 07, 2021
Future of EDR: Is It Reason-able to Suggest XDR?
Aug 30, 2021
Tales from the Trenches: Using AI for Gmail Security
Aug 23, 2021
The Mysteries of Detection Engineering: Revealed!
Aug 16, 2021
SOC in a Large, Complex and Evolving Organization
Aug 09, 2021
Beyond Compliance: Cloud Security in Europe
Aug 02, 2021
Linking Up The Pieces: Software Supply Chain Security at Google and Beyond
Jul 26, 2021
Threat Detection at Google Cloud Security Summit
Jul 19, 2021
Securing Multi-Cloud from a CISO Perspective, Part 3
Jul 12, 2021
Security Marketing? Every Product Needs a Story!
Jul 06, 2021
Security Operations, Reliability, and Securing Google with Heather Adkins
Jun 28, 2021
Double-clicking, but not on fire hydrants, with bot fighters
Jun 21, 2021
More Cloud Migration Security Lessons
Jun 14, 2021
Modern Threat Detection at Google
Jun 07, 2021
Modern Data Security Approaches: Is Cloud More Secure?
Jun 01, 2021
Scaling Google Kubernetes Engine Security
May 24, 2021
Making Compliance Cloud-native
May 19, 2021
Application Security in the Cloud
May 10, 2021
Threat Models and Cloud Security
May 03, 2021
Preparing for Cloud Migrations from a CISO Perspective, Part 2
Apr 26, 2021
SIEM Modernization? Is That a Thing?
Apr 19, 2021
Building a Third Party Platform for Cloud Security
Apr 12, 2021
Zero Trust: Fast Forward from 2010 to 2021
Apr 01, 2021
No One Expects the Malware Inquisition
Mar 24, 2021
Cloud Security Talks Summarized: A Recap Episode
Mar 17, 2021
Preparing for Cloud Migrations from a CISO Perspective, Part 1
Mar 11, 2021
Gathering Data for Zero Trust
Feb 24, 2021
Automate and/or Die?
Feb 11, 2021
Data Security in the Cloud
Feb 11, 2021
Confidentially Speaking
Feb 11, 2021