This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Anton Chuvakin에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Anton Chuvakin 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
Cloud Security Podcast by Google와 비슷한 콘텐츠
The award-winning WIRED UK Podcast with James Temperton and the rest of the team. Listen every week for the an informed and entertaining rundown of latest technology, science, business and culture news. New episodes every Friday.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Daily update on current cyber security threats
…
continue reading
We help founders make something people want.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Learn how people are using AI at work to collaborate, find focus, and get stuff done—not at some point in the future, but today. Hear founders, researchers, and engineers talk about the problems they’re solving with the help of new and emerging AI tools, and how AI can help you spend more time on the work that matters most.
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Player FM -팟 캐스트 앱
Player FM 앱으로 오프라인으로 전환하세요!
Player FM 앱으로 오프라인으로 전환하세요!
))
EP96 Cloud Security Observability for Detection and Response
Manage episode 346978000 series 2892548
Anton Chuvakin에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Anton Chuvakin 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
Guest:
- Jeff Bollinger, Director of Incident Response and Detection Engineering @ Linkedin
Topics:
- Observability sounds cool (please define it for us BTW), but relating it to security has been “hand-wavy” at best. What is your opinion on the relevance of observability data for security use cases? What use cases are those, apart from saving the data for IR just in case?
- How can we best approach observability in the cloud, particularly around network communications, so that we improve security as a result?
- Are there other areas of cloud where observability might be more relevant? Does the massive shift to TLS 1.3 impact this?
- If the Internet is shifting towards an end-user/device centric model with everything as a service (SaaS), how does security monitoring even work anymore?
- Does it mean the end of both endpoint and network eras and the arrival of the application security monitoring era?
- Can we do deep monitoring of complex applications and app clusters for abuse or should we just focus on identity and profiling?
Resources:
- “Instrumenting Modern Application Stack for Detection and Response” (ep34)
- “Crafting the InfoSec Playbook: Security Monitoring and Incident Response Master Plan” by Jeff Bollinger, Brandon Enright, Matthew Valites (book)
- RFC 7258 Pervasive Monitoring Is an Attack
- RFC 8890 Internet is for end users
- “(Re)building Threat Detection and Incident Response at LinkedIn”
- “Martian Chronicles“ by Ray Bradberry (because migrating to cloud is like flying to Mars)
170 에피소드
공유
Manage episode 346978000 series 2892548
Anton Chuvakin에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Anton Chuvakin 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
Guest:
- Jeff Bollinger, Director of Incident Response and Detection Engineering @ Linkedin
Topics:
- Observability sounds cool (please define it for us BTW), but relating it to security has been “hand-wavy” at best. What is your opinion on the relevance of observability data for security use cases? What use cases are those, apart from saving the data for IR just in case?
- How can we best approach observability in the cloud, particularly around network communications, so that we improve security as a result?
- Are there other areas of cloud where observability might be more relevant? Does the massive shift to TLS 1.3 impact this?
- If the Internet is shifting towards an end-user/device centric model with everything as a service (SaaS), how does security monitoring even work anymore?
- Does it mean the end of both endpoint and network eras and the arrival of the application security monitoring era?
- Can we do deep monitoring of complex applications and app clusters for abuse or should we just focus on identity and profiling?
Resources:
- “Instrumenting Modern Application Stack for Detection and Response” (ep34)
- “Crafting the InfoSec Playbook: Security Monitoring and Incident Response Master Plan” by Jeff Bollinger, Brandon Enright, Matthew Valites (book)
- RFC 7258 Pervasive Monitoring Is an Attack
- RFC 8890 Internet is for end users
- “(Re)building Threat Detection and Incident Response at LinkedIn”
- “Martian Chronicles“ by Ray Bradberry (because migrating to cloud is like flying to Mars)
170 에피소드
모든 에피소드
×
플레이어 FM에 오신것을 환영합니다!
플레이어 FM은 웹에서 고품질 팟캐스트를 검색하여 지금 바로 즐길 수 있도록 합니다. 최고의 팟캐스트 앱이며 Android, iPhone 및 웹에서도 작동합니다. 장치 간 구독 동기화를 위해 가입하세요.
Cloud Security Podcast by Google와 비슷한 콘텐츠
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
The award-winning WIRED UK Podcast with James Temperton and the rest of the team. Listen every week for the an informed and entertaining rundown of latest technology, science, business and culture news. New episodes every Friday.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Daily update on current cyber security threats
…
continue reading
We help founders make something people want.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Learn how people are using AI at work to collaborate, find focus, and get stuff done—not at some point in the future, but today. Hear founders, researchers, and engineers talk about the problems they’re solving with the help of new and emerging AI tools, and how AI can help you spend more time on the work that matters most.
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Player FM -팟 캐스트 앱
Player FM 앱으로 오프라인으로 전환하세요!
Player FM 앱으로 오프라인으로 전환하세요!
