Do you need an essential guide for Threat Modeling your Cloud Environment, then this episode is definitely for you. Ashish sat down with Tyson Garrett from TrustOnCloud. We explore why and how organizations should approach threat modeling in cloud to enhance their security posture. Tyson and Ashish go through the practical steps required for effective threat modeling, including identifying and prioritizing threats, and the continuous adaptation required to address the dynamic nature of cloud services.
Guest Socials: Tyson Garrett
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(02:50) A bit about Tyson Garrett
(04:27) What is Threat Modeling in Cloud?
(06:29) Threat Modeling the right way in the Cloud
(08:23) Threat Modeling in Cloud vs On Prem
(11:05) Examples of Threat Modeling
(13:41) Threat Modeling AI Services from Cloud Providers
(21:58) Including Threat Modeling in Security Programs
(25:09) Threat Modeling Cloud at Scale
(28:08) Different Approaches for Threat Modeling
(30:21) Challenges with Threat Modeling in Cloud
(33:42) Best Practices for Threat Modeling in Cloud
(39:59) Showing ROI on Threat Modeling
(42:57) Maturity Levels of Threat Modeling
(45:21) Starting point for learning about Threat Models
(46:12) The Fun Questions
(48:41) Where can you connect with Tyson
Resources spoken about during the episode
TrustOnCloud has kindly offered a Free ThreatModel of your choice to our listeners - you can register here to pick yours
CISO Perspective: Sean Catlett, CISO of Slack
CAASM - CyberSecurity Asset Management for the Modern Security Stack
Azure Security Fundamentals - Level 200
Confidential Computing in Azure Explained
Azure Cloud Security Architecture
Azure Security Fundamentals Level 1
Finding Security Holes in Azure Services
Azure Kubernetes Service (AKS) Security Explained
Azure Security Fundamentals - Zero Trust with Azure AD
How to Secure Cloud Managed Kubernetes
Kubernetes Security Best Practices in 2022
Manage Privileged Access for Kubernetes & Cloud
How to become a Cloud Native Security Engineer
Service Mesh Security EXPLAINED!
Scaling a Practical AWS Asset Management Program
Threat Hunting in AWS
What is SBOM, iBOM?
Security for AI/ML Models in AWS
Building Google Cloud Security Products
Google Cloud Security Fundamentals - Level 2
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Lex Fridman Podcast