Log in

goodpods headphones icon

To access all our features

Open the Goodpods app
Close icon
Cloud Ace - Stacy Dunn: Creative Problem Solving in Cloud Security and the Software Development Lifecycle

Stacy Dunn: Creative Problem Solving in Cloud Security and the Software Development Lifecycle

11/09/22 • 37 min

Cloud Ace

Stacy Dunn, CISO Dojo podcast Co-Host, OWASP Chapter Co-Leader, SANS Senior Solutions Engineer, and former engineer for Check Point and Snyk, chats with Brandon Evans about the Software Development Lifecycle in the cloud, supply-chain security concerns, and the importance of creativity in a field that they both feel is incorrectly considered a hard science.
Our Guest - Stacy Dunn
Follow Stacy:

LinkedIn
CISO Dojo Podcast
Resources mentioned in this episode
https://hackernoon.com/how-it-feels-to-learn-javascript-in-2016-d3a717dd577f
https://oklahomaartcade.wordpress.com/

Sponsor's Note:

Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.

Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.

Review and Download Cloud Security Resources: sans.org/cloud-security/

Join our growing and diverse community of cloud security professionals on your platform of choice:

Discord | Twitter | LinkedIn | YouTube

SPONSER NOTE:

Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.

Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.

Review and Download Cloud Security Resources: sans.org/cloud-security/

Join our growing and diverse community of cloud security professionals on your platform of choice:

Discord | Twitter | LinkedIn | YouTube

plus icon
bookmark

Stacy Dunn, CISO Dojo podcast Co-Host, OWASP Chapter Co-Leader, SANS Senior Solutions Engineer, and former engineer for Check Point and Snyk, chats with Brandon Evans about the Software Development Lifecycle in the cloud, supply-chain security concerns, and the importance of creativity in a field that they both feel is incorrectly considered a hard science.
Our Guest - Stacy Dunn
Follow Stacy:

LinkedIn
CISO Dojo Podcast
Resources mentioned in this episode
https://hackernoon.com/how-it-feels-to-learn-javascript-in-2016-d3a717dd577f
https://oklahomaartcade.wordpress.com/

Sponsor's Note:

Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.

Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.

Review and Download Cloud Security Resources: sans.org/cloud-security/

Join our growing and diverse community of cloud security professionals on your platform of choice:

Discord | Twitter | LinkedIn | YouTube

SPONSER NOTE:

Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.

Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.

Review and Download Cloud Security Resources: sans.org/cloud-security/

Join our growing and diverse community of cloud security professionals on your platform of choice:

Discord | Twitter | LinkedIn | YouTube

Previous Episode

undefined - Joshua Makinen: Building and Breaking Secure DevOps

Joshua Makinen: Building and Breaking Secure DevOps

Brandon Evans reunites with his former co-worker, Josh, a Senior Security Architect at Snowflake, as they discuss how to build security into DevOps organizations and how he was able to identify vulnerabilities in cloud DevOps tooling.

Our Guest - Joshua Makinen

Joshua Makinen is a security expert based out of Seattle who has been working in security design and penetration testing for 6 years. Currently, he works with Snowflake to decompose and mitigate the risks associated with Snowflake's infrastructure and public-facing offerings as a Data Cloud. During his time as a Security Consultant with NCC Group, he was exposed to a multitude of different organizations and was fascinated by the wide variety of problems they faced, technologies they used, and the approaches to cloud security they chose as a result. While much of his career accomplishments are not public, he once released a container image registry scanning tool called go-pillage-registries and also (accidentally) discovered and responsibly disclosed a couple of high-severity bug-bounty findings and CVE-2021-3583 in Ansible. Internal threats to an organization's supply chain and management interfaces for sensitive environments remains as one of Josh's favorite topics to consider in security.

Follow Joshua

Twitter
LinkedIn
Web

Sponsor's Note:

Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.

Focus on where the cloud is going, not where it is today. Your organization is going to need someone with

SPONSER NOTE:

Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.

Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.

Review and Download Cloud Security Resources: sans.org/cloud-security/

Join our growing and diverse community of cloud security professionals on your platform of choice:

Discord | Twitter | LinkedIn | YouTube

Next Episode

undefined - Jabez Abraham: Creating a Cloud Security Enterprise Architecture Strategy for Global Organizations

Jabez Abraham: Creating a Cloud Security Enterprise Architecture Strategy for Global Organizations

Jabez Abraham, Senior Cyber Security Cloud Architect at Paige, meets with his former co-worker Brandon Evans to discuss how cloud native security capabilities can eliminate complexity while applying consistent security controls for organizations spanning multiple geographies, cloud accounts, and regulatory regimes.
Our Guest - Jabez Abraham
As a Senior Cyber Security Cloud Architect at Paige.ai, Jabez is passionate about cloud computing. He thrives on solving problems by leveraging native cloud services to build secure and supportable solutions. At Paige.ai, he helps define the strategies, roadmaps, and solutions to embrace the value of the public cloud and ensure the protection of Paige.ai infrastructure, applications, and data for Cloud Native, Hybrid, and inter-cloud deployments. He has spent an extensive amount of time working through the various aspects of adoption while embracing a #Cloudbydefault approach. Jabez also leads organizational transformation in Cloud and Security Domains.

Sponsor's Note:

Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.

Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.

Review and Download Cloud Security Resources: sans.org/cloud-security/

Join our growing and diverse community of cloud security professionals on your platform of choice:

Discord | Twitter | LinkedIn | YouTube

SPONSER NOTE:

Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.

Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.

Review and Download Cloud Security Resources: sans.org/cloud-security/

Join our growing and diverse community of cloud security professionals on your platform of choice:

Discord | Twitter | LinkedIn | YouTube

Episode Comments

Generate a badge

Get a badge for your website that links back to this episode

Select type & size
Open dropdown icon
share badge image

<a href="https://goodpods.com/podcasts/cloud-ace-215853/stacy-dunn-creative-problem-solving-in-cloud-security-and-the-software-24826936"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to stacy dunn: creative problem solving in cloud security and the software development lifecycle on goodpods" style="width: 225px" /> </a>

Copy