Cloud Ace
SANS Institute
All episodes
Best episodes
Seasons
Top 10 Cloud Ace Episodes
Goodpods has curated a list of the 10 best Cloud Ace episodes, ranked by the number of listens and likes each episode have garnered from our listeners. If you are listening to Cloud Ace for the first time, there's no better place to start than with one of these standout episodes. If you are a fan of the show, vote for your favorite Cloud Ace episode by adding your comments to the episode page.
12/11/23 • 50 min
Nate Lee, CISO at Tradeshift, talks about creating cloud security capabilities, working with engineering, and how he built a GenAI security question answering bot.
About Nate:
Nate is currently CISO at Tradeshift, a B2B SaaS platform where he built the security program that has secured over $1 trillion in global business transactions. Previous to that, he led various technical teams including the company’s Platform Operations, Site Reliability Engineering and Corporate IT functions.
He got his start as an engineer doing consulting, building systems and networks before joining Target Corporation. At Target, he built and secured systems that ensure the smooth flow of goods at one of the largest retailers in the country.
In 2010, after relocating to the Bay Area, Nate joined the videoconferencing startup Fuze (later acquired by 8x8) as a Senior Architect before swiftly expanding his purview and leading the operations, security and escalated support teams.
Like most in tech, he’s currently spending an inordinate amount of time digging into AI and the practical implications it has to businesses, focusing on building secure-by-default systems and driving internal efficiencies.
SPONSER NOTE:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/
Join our growing and diverse community of cloud security professionals on your platform of choice:
10/05/22 • 59 min
This episode features a panel of three of the top Cloud Identity and Access Management experts in the world. Kat Traxler, Karl Fosaaen, and Kyler Middleton are incredibly knowledgable about how IAM works in all three cloud providers, but Kyler specializes in AWS, Karl spends most of his time with Azure, and Kat is our resident GCP guru. Each panelist will represent their primary cloud’s strengths and weaknesses. Which provider will come out on top? Will any cloud provider leave this conversation unscathed? Join Brandon Evans and the panel to find out.
Resources mentioned in this episode
AWS STS assume theory video - https://www.iampulse.com/resources/videos/aws-sts-primer-why
AWS STS how-to video: https://www.iampulse.com/resources/videos/aws-sts-primer-demo
Restricting Hop Limits with your AWS tokens: https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/configuring-instance-metadata-service.html
https://pumasecurity.io/resources/blog/cloud-security-instance-metadata/
https://www.netspi.com/blog/technical/cloud-penetration-testing/extract-credentials-from-azure-kubernetes-service/
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html
Sponsor's Note:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Revie
SPONSER NOTE:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/
Join our growing and diverse community of cloud security professionals on your platform of choice:
10/05/22 • 49 min
Dr. Anton Chuvakin and Brandon Evans discuss why some organizations desperately try to follow the on-premises blueprint when securing the cloud, how to prevent Compliance from getting in the way of the evolution of IT Security, and what Anton is doing at Google Cloud to deal with the Shared Responsibility Model breaking in the real world.
Our Guest - Dr. Anton Chuvakin
Dr. Anton Chuvakin is now involved with security solution strategy at Google Cloud, where he arrived via Chronicle Security (an Alphabet company) acquisition in July 2019.
Anton was, until recently, a Research Vice President and Distinguished Analyst at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies team.
Anton is a recognized security expert in the field of log management, SIEM and PCI DSS compliance. He is an author of books "Security Warrior", "Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management" and ""PCI Compliance, Third Edition: Understand and Implement Effective PCI Data Security Standard Compliance"" (book website) and a contributor to "Know Your Enemy II", "Information Security Management Handbook" and other books.
Resources mentioned in this episode
Some ideas on compliance as code: https://cloud.google.com/blog/products/identity-security/risk-and-compliance-as-code
https://www.forbes.com/sites/googlecloud/2022/04/19/demystifying-shared-fate-a-new-approach-to-understand-cybersecurity/
https://cloud.google.com/blog/products/identity-security/8-megatrends-drive-cloud-adoption-and-improve-security-for-all
Sponsor's Note:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcas
SPONSER NOTE:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/
Join our growing and diverse community of cloud security professionals on your platform of choice:
Frank Kim: Navigating the Cloud Security Journey for Individual Contributors and Business Leaders
Cloud Ace
10/05/22 • 43 min
Frank Kim, the Lead for the SANS Cloud Security and Security Leadership curriculums, joins Brandon Evans to discuss how these areas intersect, the role cloud technologies and vendors play in the People, Process, and Technology Framework, why developers who introduce security flaws today can become the security experts of the future, and the importance of staying curious about cloud trends like multicloud and DevOps.
Our Guest - Frank Kim
Frank is the Founder of ThinkSec, a security consulting and CISO advisory firm, as well as a SANS Fellow and lead for both the SANS Cybersecurity Leadership and SANS Cloud Security curricula, overseeing two dozen SANS courses in the two fastest growing curricula. Previously, as CISO at the SANS Institute, Frank led the information risk function for the most trusted source of computer security training and certification in the world. Frank is also the author and instructor of MGT512: Security Leadership Essentials for Managers, MGT514: Security Strategic Planning, Policy, and Leadership, and co-author of SEC540: Cloud Security and DevSecOps Automation.
Follow Frank Kim
Twitter: https://twitter.com/fykim
LinkedIn: https://www.linkedin.com/in/frank-kim/
Web: https://www.sans.org/profiles/frank-kim/
Resources mentioned in this episode
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/
SPONSER NOTE:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/
Join our growing and diverse community of cloud security professionals on your platform of choice:
Introducing SANS Cloud Ace
Cloud Ace
09/23/22 • 1 min
Welcome to the SANS Cloud Ace podcast. Our exciting podcast season 1 will be hosted by Brandon Evans, a SANS instructor and co-author of SEC510: Public Cloud Security: AWS, Azure, and GCP. We'll cover applicable information to use right away with topics such as how to move from on-prem to cloud, identity and access management, and more.
SPONSER NOTE:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/
Join our growing and diverse community of cloud security professionals on your platform of choice:
10/12/22 • 42 min
Brandon Evans is joined by John Alves of CyberOne, who is also an up-and-coming instructor for SANS SEC510: Public Cloud Security: AWS, Azure, and GCP, to take a deep-dive into Microsoft Azure security platforms, creating cloud security learning paths for those you manage, and getting involved with the SANS community.
Our Guest - John Alves
Twitter: @cyberlowdown
LinkedIn: https://www.linkedin.com/in/alves-john/
Resources mentioned in this episode:
For Sentinal Training - https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/become-a-microsoft-sentinel-ninja-the-complete-level-400/ba-p/1246310
Tool specific training around Microsoft tools (Sentinel, Defender for Cloud, Sentinal Automation, etc) - https://azurecloudai.blog/2021/05/12/all-the-microsoft-ninja-training-i-know-about/
Sponsor's Note:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/
Join our growing and diverse community of cloud security professionals on your platform of choice:
Discord | Twitter | LinkedIn | YouTube
SPONSER NOTE:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/
Join our growing and diverse community of cloud security professionals on your platform of choice:
10/19/22 • 41 min
Aaron Hutson walks Brandon Evans through his journey from being an on-prem SysAdmin and cloud skeptic to a cloud security student, consultant, and educator who has worked on the Defense Information Systems Agency (DISA) Secure Cloud Computing Architecture initiative.
Our Guest - Aaron Hutson
Aaron is a passionate advocate for cybersecurity, information technology and education. Aaron holds a Master of Science in Cybersecurity and numerous certifications, such as CISSP, AWS CSAP, GCIH, OSCP and many more. He has worn many hats and is backed by diverse professional experience across the IT, cybersecurity, and education fields. Aaron believes in the constant pursuit of knowledge to stay relevant and stay informed, and when he’s not learning something new, he’s sharing what he knows as an educator to help others understand the many intricacies in IT and cybersecurity.
Sponsor's Note:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/
Join our growing and diverse community of cloud security professionals on your platform of choice:
Discord | Twitter | LinkedIn | YouTube
SPONSER NOTE:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/
Join our growing and diverse community of cloud security professionals on your platform of choice:
Stacy Dunn: Creative Problem Solving in Cloud Security and the Software Development Lifecycle
Cloud Ace
11/09/22 • 37 min
Stacy Dunn, CISO Dojo podcast Co-Host, OWASP Chapter Co-Leader, SANS Senior Solutions Engineer, and former engineer for Check Point and Snyk, chats with Brandon Evans about the Software Development Lifecycle in the cloud, supply-chain security concerns, and the importance of creativity in a field that they both feel is incorrectly considered a hard science.
Our Guest - Stacy Dunn
Follow Stacy:
LinkedIn
CISO Dojo Podcast
Resources mentioned in this episode
https://hackernoon.com/how-it-feels-to-learn-javascript-in-2016-d3a717dd577f
https://oklahomaartcade.wordpress.com/
Sponsor's Note:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/
Join our growing and diverse community of cloud security professionals on your platform of choice:
Discord | Twitter | LinkedIn | YouTube
SPONSER NOTE:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/
Join our growing and diverse community of cloud security professionals on your platform of choice:
Jabez Abraham: Creating a Cloud Security Enterprise Architecture Strategy for Global Organizations
Cloud Ace
11/16/22 • 44 min
Jabez Abraham, Senior Cyber Security Cloud Architect at Paige, meets with his former co-worker Brandon Evans to discuss how cloud native security capabilities can eliminate complexity while applying consistent security controls for organizations spanning multiple geographies, cloud accounts, and regulatory regimes.
Our Guest - Jabez Abraham
As a Senior Cyber Security Cloud Architect at Paige.ai, Jabez is passionate about cloud computing. He thrives on solving problems by leveraging native cloud services to build secure and supportable solutions. At Paige.ai, he helps define the strategies, roadmaps, and solutions to embrace the value of the public cloud and ensure the protection of Paige.ai infrastructure, applications, and data for Cloud Native, Hybrid, and inter-cloud deployments. He has spent an extensive amount of time working through the various aspects of adoption while embracing a #Cloudbydefault approach. Jabez also leads organizational transformation in Cloud and Security Domains.
Sponsor's Note:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/
Join our growing and diverse community of cloud security professionals on your platform of choice:
Discord | Twitter | LinkedIn | YouTube
SPONSER NOTE:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/
Join our growing and diverse community of cloud security professionals on your platform of choice:
11/13/23 • 52 min
Kapil Assudani, CISO at Edwards Lifesciences, shares how he was one payment away from getting kicked out of his Masters program, being resilient and resourceful, building credibility, and finding ways to reduce the attack surface.
About Kapil:
Kapil Assudani, with over 20 years of experience in information security, currently holds the position of Senior Vice President and Chief Information Security Officer at Edwards Lifesciences. His tenure at Edwards, spanning over six years, has responsibilities beyond the typical enterprise security scope of a CISO, as it includes IoT Medical Device Security and Manufacturing Plant security on a global scale.
Kapil’s leadership philosophy is built on three key principles. Firstly, he believes in building a team of passionate and good-hearted individuals, providing them with innovative tools, and then allowing them to operate independently. Secondly, he emphasizes presenting security problem statements backed by facts and data, simplifying them to a level where a business leader can independently make risk decisions. Lastly, he focuses on building trusted relationships across the entire employee base, fostering candid conversations and driving an execution-focused culture.
His extensive experience covers all facets of information security, including leading security incident detection and response, ethical hacking teams, and security architecture and strategy programs. He has also been instrumental in building a global cybersecurity program at Edwards from the ground up. Kapil’s diverse industry experience spans consulting and corporate roles across Fortune 100 companies in accounting, finance, healthcare, and technology. Over the last decade, he has intentionally focused his career on healthcare companies, finding the work purposeful and passionately aligned with a noble mission. Kapil holds a Masters in Computer Science and has been a speaker at multiple conferences, further solidifying his expertise in the field
SPONSER NOTE:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/
Join our growing and diverse community of cloud security professionals on your platform of choice:
Show more best episodes
Show more best episodes
FAQ
How many episodes does Cloud Ace have?
Cloud Ace currently has 24 episodes available.
What topics does Cloud Ace cover?
The podcast is about Cloud, Security, Podcasts and Technology.
What is the most popular episode on Cloud Ace?
The episode title 'Anton Chuvakin: Remapping Mental Models in IT, Security, and Compliance for the Cloud' is the most popular.
What is the average episode length on Cloud Ace?
The average episode length on Cloud Ace is 44 minutes.
How often are episodes of Cloud Ace released?
Episodes of Cloud Ace are typically released every 7 days.
When was the first episode of Cloud Ace?
The first episode of Cloud Ace was released on Sep 23, 2022.
Show more FAQ
Show more FAQ