How do you build a Robust Detection Framework? Ashish spoke to Andrew Tabona, SVP of Cyber Threat Management and Incident Response at a Fortune 500 company about challenging the conventional wisdom of applying on-premise incident response plans to cloud environments. They speak about the critical metrics of mean time to detect, respond, and recover, and why mastering the fundamentals is key to effective cloud security.
The conversation also covers practical strategies for building a detection framework, the importance of a balanced approach to log ingestion, and the nuanced differences in incident response between cloud and traditional on-premise environments.
Guest Socials: Andrew Tabona
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(03:20) A bit about Andrew Tabona
(04:26) What is Threat Detection and Response?
(06:14) Why incident response is different in Cloud?
(09:18) Benefits of doing Incident Response in Cloud?
(10:29) Is CSPM your incident response tool?
(12:33) Where to start with Detection in Cloud?
(16:35) Getting buy in from other teams for threat detection
(20:15) Should you build or buy a cybersecurity solution?
(22:34) Responding to incidents in a Cloud Context
(26:01) Containing incidents in a Cloud Context
(28:34) What kind of access do IR teams need?
(30:36) Balancing the signal to noise ratio
(32:10) Where to start with Threat Detection and Response
(34:37) Challenges an organisation might face
(35:58) Threat Detection and Response in MultiCloud
(37:52) Showing ROI of Cybersecurity to the business
(38:57) Where to learn about IR and Threat Detection?
(41:09) Fun Section
(44:14) Where you can connect with Andrew
2023 What Kubernetes Security Looks Like Today Series- DevSecOps
IS THERE DEVSECOPS IN CLOUD? 🤔
How to Build a Modern Cyber Security Program in 2023
HOW TO BUILD A CLOUD SECURITY PROGRAM - MEDIA INDUSTRY
How to Accelerate your AWS Security Maturity in 2023
How to Build AWS Multi-Account Infrastructure with Security and Speed
HOW TO GET FEDRAMP CERTIFIED IN AWS CLOUD
HOW TO BUILD A CLOUD SECURITY PROGRAM WITH CONTAINERS
AWS Cloud Penetration Testing Explained with Example
AWS Goat - Cloud Penetration Testing
Getting Started with Hacking AWS ECS
GETTING STARTED WITH HACKING AWS CLOUD
AWS Reinvent 2022 - RECAP for Cloud Security Professionals!
AWS EKS EXPLAINED!
Story of a Cloud Architect & Blurry Lines of Control with AWS
BECOME A CLOUD SECURITY ARCHITECT IN 2023
AWS Threat Detection for NOT SO COMMON AWS Services Explained
Ransomware attacks in AWS
How to become a Cloud Native Security Architect?
Compliance as Code in Kubernetes
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Lex Fridman Podcast