Is Offensive Security part of your 2024 Security Roadmap? We caught up with Sam Kirkman, Director at NetSPI EMEA at BlackHat Europe 2023 about what an Offensive Security Roadmap going into 2024 should look like. Offensive security is much more than pentesting. We spoke about how to build a capable team, different maturity stages of building such a program and resources you can lean on while you are on this journey across different industries.
Guest Socials: Sam's Linkedin (@sam-kirkman-cybersecurity)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(02:53)A bit about Sam Kirkman
(03:53) What is offensive security?
(04:52) The attack landscape
(07:34) Offensive Security Roadmap
(09:43) Components of Offensive Security Roadmap
(11:04) Whats a good starting point?
(12:55) Skillsets required in the team
(16:57) Different stages of maturity
(19:09) Where can people learn more about this?
(22:03) Where you can connect with Sam
You can learn more about NetSPI and offensive security here
Finding Security Bugs in Google Cloud - Kat Traxler
Hacker stories from the Internet - Darknet Diaries
CSO Hall of Fame - 21 yrs in Cybersecurity: Challenges THEN & NOW
Finding and Fixing SECURITY BUGS IN GOOGLE CLOUD - Dylan Ayrey
Attacking and Defending Managed Kubernetes Clusters - Brad Geesaman
Kubernetes Runtime Threat Detection and Response - Falco, Sysdig
Study Hall - Attacking K8S Cluster Defaults!
Start here for Kubernetes Security - Magno Logan
Study Hall - Kubernetes Concepts and Architecture Explained!
Risk Analysis of Kubernetes Security - Mark Manning, Snowflake
Study Hall - What is Kubernetes & Why do you NEED TO know about it?
Kubernetes (Goat) Vulnerable by Design - Madhu Akula
CISO PERSPECTIVE SERIES: LINKEDIN CISO - Geoff Belknap
Study Hall: Honest truth behind learning Kubernetes
Building Threat Detection for your Cloud Environment
Cloud Governance using Infrastructure as Code (IaC)
Kubernetes Security Explained for those starting today! - Kelsey Hightower
Getting Infrastructure as Code (IaC) Security Culture right! - Yoni Leitersdorf
Azure Security Best Practices for Cloud Architects - John Savill
WHAT IS INFRASTRUCTURE AS CODE SECURITY? - Barak Schoster
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Lex Fridman Podcast