Do you need an essential guide for Threat Modeling your Cloud Environment, then this episode is definitely for you. Ashish sat down with Tyson Garrett from TrustOnCloud. We explore why and how organizations should approach threat modeling in cloud to enhance their security posture. Tyson and Ashish go through the practical steps required for effective threat modeling, including identifying and prioritizing threats, and the continuous adaptation required to address the dynamic nature of cloud services.
Guest Socials: Tyson Garrett
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(02:50) A bit about Tyson Garrett
(04:27) What is Threat Modeling in Cloud?
(06:29) Threat Modeling the right way in the Cloud
(08:23) Threat Modeling in Cloud vs On Prem
(11:05) Examples of Threat Modeling
(13:41) Threat Modeling AI Services from Cloud Providers
(21:58) Including Threat Modeling in Security Programs
(25:09) Threat Modeling Cloud at Scale
(28:08) Different Approaches for Threat Modeling
(30:21) Challenges with Threat Modeling in Cloud
(33:42) Best Practices for Threat Modeling in Cloud
(39:59) Showing ROI on Threat Modeling
(42:57) Maturity Levels of Threat Modeling
(45:21) Starting point for learning about Threat Models
(46:12) The Fun Questions
(48:41) Where can you connect with Tyson
Resources spoken about during the episode
TrustOnCloud has kindly offered a Free ThreatModel of your choice to our listeners - you can register here to pick yours
Software Signing for Kubernetes Supply Chain & Everybody Else
KUBERNETES BEST PRACTICES 2022
Building Blocks of a Modern Cloud Security Program
THIS IS MY Cloud SECURITY ARCHITECTURE - Azure Security Best Practices - Part 2
SecDataOps Explained - Modern Security Stack
THIS IS MY Cloud SECURITY ARCHITECTURE - Azure Security Best Practices - Part 1
Cloud Security Monitoring in a Modern Security Stack
API SECURITY BEST PRACTICES 2022
BlackHat Defcon 2022 - The Cloud Security Edition
HOW TO Threat Model Digital Applications in Cloud
HOW TO SECURE CONTAINER ENVIRONMENT FOR FINANCIAL SERVICES
AWS ReInforce 2022 Recap & Highlights
Fundamentals of AWS Cloud Security Assessment
So Now You Know!
HOW TO SECURE AWS CLOUD ENVIRONMENT FOR HEALTHCARE
Zero Trust and the Triple Paradox
Building AWS Security Guardrails
Fix the Broken Digital Supply Chain
3 THINGS THAT BROKE THE DIGITAL SUPPLY CHAIN
Digital Transformation - ARE WE THERE YET!
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Lex Fridman Podcast