Podcasts about sonrai security

  • 22 PODCASTS
  • 43 EPISODES
  • 35m AVG DURATION
  • 1 MONTHLY NEW EPISODE
  • Oct 8, 2024 LATEST


Latest podcast episodes about sonrai security

Bite Size Sales
Fixing Cybr Donut's pipeline crisis: proven strategies for rapid cybersecurity pipeline generation - Joseph Barringhaus, VP of Marketing, Sonrai Security

Oct 8, 2024 | 45:23


Like the go-to-market team at Cybr Donut, are you struggling to build a strong sales pipeline and wondering how to utilize events effectively? Do you want to know why your customers choose your products and leverage that to boost sales? Join us in this episode as we explore practical strategies that can help your sales and marketing teams hit your revenue targets faster.

In this conversation we discuss:

Screaming in the Cloud
Politely Asking for Permissions in the Cloud with Sandy Bird

Sep 26, 2024 | 30:05


Do we have your permission to share this episode of Screaming in the Cloud with you? Sonrai CTO and Co-Founder Sandy Bird is back on the show to help Corey break down the woes that come with granting permissions in the world of cloud security. As they catch up, the pair touch base on how automation can create major headaches, what goes into navigating the minefield of granting permissions, and if the future of adoption patterns is as grim as Corey predicts. Sandy also answers one of Corey's long-time questions: how do you pronounce “Sonrai?” Who knows? Maybe Corey will finally learn how to say it properly...

Show Highlights:
  • (0:00) Intro
  • (0:30) Breaking down Sonrai's name
  • (1:45) Sonrai sponsor read
  • (2:25) Getting alerts vs. fixing the root of the problem
  • (4:50) The problems with granting permissions
  • (7:34) The dangers of automating permissions
  • (10:10) "Where do I make this change, and how do I enforce it?"
  • (13:46) The security concerns that come with tagging automation
  • (16:12) Sonrai sponsor read
  • (16:53) Properly deploying permissions access
  • (21:16) Woes of running reporting in the middle of the night
  • (23:21) Are adoption patterns getting worse?
  • (29:01) Where you can find more from Sonrai Security

About Sandy Bird
Sandy Bird is the co-founder and CTO of Sonrai Security, helping enterprises protect their data by securing cloud identities and access. Sandy was the co-founder and CTO of Q1 Labs, which was acquired by IBM in 2011. At IBM, Sandy became the CTO for the global security business and worked closely with research, development, marketing and sales to develop new and innovative solutions to help the IBM Security business grow to ~$2B in annual revenue. He is a trusted and experienced cloud security expert.

Links
  • Sonrai Security: https://sonraisecurity.com/
  • Sonrai Security free trial: https://sonraisecurity.com/trial/
  • Sonrai Security demos: https://sonraisecurity.com/demo/
  • Sonrai Security learning resources: https://sonraisecurity.com/resource-library/
  • Sonrai Security blog: https://sonraisecurity.com/blog/
  • Sonrai Security ACCESS Virtual Summit: sonrai.co/access-on-demand

Sponsor
  • Sonrai Security: https://sonraisecurity.com/

Screaming in the Cloud
Replay - GCP's Many Profundities with Miles Ward

Sep 17, 2024 | 39:36


In this Screaming in the Cloud Replay, we're revisiting our conversation with Miles Ward — perhaps the closest thing Google Cloud has to Corey Quinn. With a wit and sharpness at hand, and an entire backup retinue of trumpets, trombones, and various brass horns, Miles is here to join the conversation about what all is going on at Google Cloud. Miles breaks down SADA and their partnership with Google Cloud. He goes into some details on what GCP has been up to, and talks about the various areas they are capitulating forward. Miles talks about working with Thomas Kurian, who is the only one who counts since he follows Corey on Twitter, and the various profundities that GCP has at hand.

Show Highlights:
  • (0:00) Intro
  • (1:38) Sonrai Security sponsor read
  • (2:40) Reliving Google Cloud Next 2021
  • (7:24) Unlikable, yet necessary change at Google
  • (11:41) Lack of Focus in the Cloud
  • (18:03) Google releases benefitting developers
  • (20:57) The rise of distributed databases
  • (24:12) Backblaze sponsor read
  • (24:41) Arguments for (and against) going multi-cloud
  • (26:49) The problem with Google Cloud outages
  • (33:01) Data transfer fees
  • (37:49) Where you can find more from Miles

About Miles Ward
As Chief Technology Officer at SADA, Miles Ward leads SADA's cloud strategy and solutions capabilities. His remit includes delivering next-generation solutions to challenges in big data and analytics, application migration, infrastructure automation, and cost optimization; reinforcing our engineering culture; and engaging with customers on their most complex and ambitious plans around Google Cloud.

Previously, Miles served as Director and Global Lead for Solutions at Google Cloud. He founded the Google Cloud's Solutions Architecture practice, launched hundreds of solutions, built Style-Detection and Hummus AI APIs, built CloudHero, designed the pricing and TCO calculators, and helped thousands of customers like Twitter who migrated the world's largest Hadoop cluster to public cloud and Audi USA who re-platformed to k8s before it was out of alpha, and helped Banco Itau design the intercloud architecture for the bank of the future.

Before Google, Miles helped build the AWS Solutions Architecture team. He wrote the first AWS Well-Architected framework, proposed Trusted Advisor and the Snowmobile, invented GameDay, worked as a core part of the Obama for America 2012 “tech” team, helped NASA stream the Curiosity Mars Rover landing, and rebooted Skype in a pinch.

Earning his Bachelor of Science in Rhetoric and Media Studies from Willamette University, Miles is a three-time technology startup entrepreneur who also plays a mean electric sousaphone.

Links:
  • SADA.com: https://sada.com
  • Twitter: https://twitter.com/milesward
  • Email: miles@sada.com
  • Original episode: https://www.lastweekinaws.com/podcast/screaming-in-the-cloud/gcp-s-many-profundities-with-miles-ward/

Sponsors
  • Sonrai Security: sonrai.co/access24
  • Backblaze: backblaze.com

The Cloud Pod
262: I Only Aspire Not to Use and Support .NET

Jun 6, 2024 | 52:59


Welcome to episode 262 of the Cloud Pod podcast – where the forecast is always cloudy! Justin, and Ryan are your hosts this week, and there's a ton of news to get through! We look at updates to .NET and Kubernetes, the future of email, new instances that promise to cause economic woes, and – hold onto your butts – a new deep sea cable! Let's get started!

Titles we almost went with this week:
  • What is a vagrant when you move it into your cloud
  • I only Aspire not to use/support .NET
  • AI Is the Gateway drug to Cloudflare
  • Let me tell you about the future with MAIL ROUTING
  • AWS invents impressive ways to burn money with the U7i instances
  • Google Only wishes they could delete our podcast with an expiring subscription
  • AKS Automatic — impressive new attack weapon or an impressive way to make Ops Cry?

A big thanks to this week's sponsor: Big thanks to Sonrai Security for sponsoring today's podcast! Check out Sonrai Securities’ new Cloud Permission Firewall. Just for our listeners, enjoy a 14 day trial at https://sonrai.co/cloudpod

General News

00:53 Vagrant Cloud is moving to HCP
  • What sort of feels like a “if you care about it, get it moved into HCP before the IBM acquisition is done” Vagrant Cloud is being migrated to the Hashicorp Cloud Platform (HCP) under the new name of HCP Vagrant Registry.
  • All existing users of Vagrant Cloud are now able to migrate their Vagrant Boxes to HCP.
  • Vagrant isn't changing; HCP provides a fully managed platform to make using Vagrant easier.
  • An improved box search experience
  • A refreshed Vagrant Cloud UI
  • No Fee for private boxes
  • Users who migrate can register for free with the same email address as their existing Vagrant cloud account.
  • Want to review the migration guide? You can find it here.

01:53 Justin – “I really think Vagrant would be a key pillar of the IBM future strategy for HashiCorp? Nope, I sure did not. I mean, I figured they’d probably just keep it open source and people would keep developing on it, but I didn’t really expect much. So, you know, to at least get this and an improved search experience is kind of nice because the old Vagrant cloud website, it was definitely a little stale. So I can have improved search and a new UI is always nice.”

AI Is Going Great (Or How ML Makes All It's Money)

02:43 Snowflake Announces Agreement to Acquire TruEra AI Observability Platform to Bring LLM and ML O

Security Unfiltered
Unlocking Cloud Security: Insights and Innovations with Sandy Bird

Jun 3, 2024 | 46:25


Are your cloud environments secure, or are they silently exposing you to threats? In this gripping episode, we sit down with security industry giant Sandy Bird from Sonrai Security. Sandy draws from his rich 20-year career, from founding Q1 Labs to his pivotal role as CTO of IBM's security division, to share invaluable insights. We uncover the evolution of cloud security, focusing on the intricate challenges of AWS IAM (Identity and Access Management). Sandy discusses how Sonrai Security is leading the way in transforming IAM with advanced analytics, helping teams effectively manage complex AWS privileges.

Machine identities in cloud environments can be ticking time bombs. Sandy breaks down how developers might unintentionally create vulnerabilities that bypass traditional firewalls, making systems susceptible to external threats. With startling statistics on the number of forgotten cloud identities, we explore the enormous task of tracking these identities and the steep learning curve faced by new IAM security professionals. The conversation also covers the often non-intuitive nature of AWS permissions and API calls, adding another layer of complexity to security management.

AWS environments are unique and bespoke, posing significant challenges. We discuss the intricacies of AWS certifications, the numerous traps in exam questions, and the importance of a centralized permissions firewall that offers guardrails while allowing developer freedom. Sandy introduces the idea of a 14-day trial for a cloud permissions firewall in a monitor-only mode, providing a risk-free opportunity to understand its benefits. Tune in to discover how innovative solutions are shaping the future of cloud security and why a permissions firewall could be a game-changer for your secure cloud operations.

  • Free Trial: https://sonraisecurity.com/trial/
  • Sonrai Security Website: https://sonraisecurity.com/
  • LinkedIn: https://www.linkedin.com/in/sandy-bird-835b5576/

Sonrai Security
Sonrai prides themselves on being able to reveal every over-privileged identity and all paths

Cloud Security Today
Zombie identities: the hidden threat in your cloud

Jun 3, 2024 | 39:37


Episode Summary
On this episode, Sandy Bird, CTO and Co-Founder of Sonrai Security, joins the show to discuss identity security in the Cloud. Prior to Sonrai Security, Sandy co-founded Q1 Labs, which was acquired by IBM. He then became the CTO and helped IBM Security grow to $2B in revenue.

Today, Sandy talks about his journey in cybersecurity and how to manage and eliminate dormant identities. Why should listeners be concerned about zombie identities? Hear about the permissions attack surface and where to start implementing zero trust policies.

Timestamp Segments
  • [01:41] Getting into cybersecurity.
  • [03:48] Key lessons from IBM.
  • [08:40] Zombie identities.
  • [12:53] Is it possible to manage and eliminate dormant identities?
  • [16:17] Tying the process into a CI/CD pipeline.
  • [21:01] The Dirty Dozen of Cloud Identity.
  • [24:13] The permissions attack surface.
  • [27:00] Zero Trust best practices.
  • [30:08] Creating net new machine identities.
  • [33:17] Prioritizing identity misconfigurations.
  • [35:15] Sandy's mentors and inspirations.
  • [37:37] How does Sandy stay sharp?

Sound Bites
  • "Nothing is a straight path in starting companies in your career."
  • "Zombie identities are identities that were part of previous projects and never get cleaned up."
  • "Fix the low-hanging fruit first, such as getting rid of zombie identities and locking down sensitive identities."

Relevant Links
  • Website: sonraisecurity.com
  • LinkedIn: Sandy Bird
  • Quantifying Cloud Access: Overprivileged Identities and Zombie Identities

The Cloud Pod
261: Azure Will Continue Until Further Notice… Unfortunately

May 29, 2024 | 54:27


Welcome to episode 261 of the Cloud Pod podcast – where the forecast is always cloudy! Justin, Matthew, and Ryan are your hosts this week, and there's a ton of news to cover, including a slew of Azure and Oracle stories! This week the guys cover some new cost management strategies from FinOps, some Kubernetes updates, MS Build, and even fancy schmancy CoPilot PCs!

Titles we almost went with this week:
  • Azure woke up and announced things
  • AWS stops taking your IPv4 Money
  • Well now everything has copilot

A big thanks to this week's sponsor: Big thanks to Sonrai Security for sponsoring today's podcast! Check out Sonrai Securities’ new Cloud Permission Firewall. Just for our listeners, enjoy a 14 day trial at https://sonrai.co/cloudpod

AWS

00:57 AWS plans to invest €7.8B into the AWS European Sovereign Cloud, set to launch by the end of 2025
  • Amazon is sharing more details about the AWS European Sovereign Cloud roadmap so that customers and partners can start planning.
  • The first AWS European Sovereign Cloud is planning to launch its first AWS Region in the state of Brandenburg, Germany by the end of 2025.
  • Available to all AWS customers, this effort is backed by a 7.8B Euro investment in infrastructure, jobs and skills development.
  • Customers will get the full power of the AWS architecture, expansive service portfolio and APIs that customers use today.
  • Customers can start building applications in any existing Region and simply move them to AWS European Sovereign Cloud when the first region launches in 2025.
  • And how exactly will they do that, you might be wondering? If you mean there will be an easy button that’s awesome… do it everywhere else. If you mean update Terraform and redeployed Screw you, Amazon.

03:23 Ryan – “Yeah. It just seems so anti what they’re trying to set up with the sovereign region to begin with, right? Like, I guess copying data is fine in, but not out. Like it’s sort of, it’s like GovCloud, right? It’s completely separate. So strange.”

05:06 Application Load Balancer launches IPv6-only support for Internet clients
  • ALBs now allow you to provision load balancers without IPv4 for clients that can connect using just IPv6. Woot.

05:25 Ryan – “So the trick is for internal, the reason why we’re starting to see this more and more is that because you can address these huge spaces in IPv6, they’re not doing the equivalent of RFC 1918 address space. So that’s why these things become super important because they’ll configure an internal sort of networking path that

The Cloud Pod
260: Amazon Dispatches AWS CEO Adam Selipsky with Prime 2-day delivery

May 24, 2024 | 81:27


Welcome to episode 260 of the Cloud Pod podcast – where the forecast is always cloudy! This week your hosts Justin, Matthew, and Jonathan and Ryan are talking about changes in leadership over at Amazon, GPT-4o and its image generating capabilities, and the new voice of Skynet, Amazon Polly! It's an action packed episode – and make sure to stay tuned for this week's after show.

Titles we almost went with this week:
  • Who eats pumpkin pie in May
  • Bytes and Goodbyes: AWS CEO Logs Off
  • AWS lets you know that you are burning money sooner than before
  • High-Ho, High-Ho, It's GPT-4-Ohhh
  • The CloudPod pans for nuggets in the AI Gold rush

A big thanks to this week's sponsor: Big thanks to Sonrai Security for sponsoring today's podcast! Check out Sonrai Securities’ new Cloud Permission Firewall. Just for our listeners, enjoy a 14 day trial at https://sonrai.co/cloudpod

General News

00:40 Terraform Enterprise adds Podman support and workflow enhancements
  • The latest version of Terraform Enterprise now supports Podman with RHEL 8 and above.
  • Originally, it only supported Docker Engine and Cloud Managed K8 services.
  • With the upcoming EOL of RHEL 7 in June 2024, customers faced a lack of an end-to-end supported option for running a terraform enterprise on RHEL.
  • Now, with support from Podman, this is rectified.

01:18 Ryan – “This is for the small amount of customers running the enterprise either on -prem or in their cloud environment. It’s a pretty good option. Makes sense.”

01:42 Justin – “You know, the thing I was most interested in at this actually is that Red Hat Linux 7 is now end of life, which this is my first time in my entire 20 some odd career that I’ve never had to support Red Hat Linux in production because we use Ubuntu for some weird reason, which I actually appreciate because I always like Ubuntu best for my home projects, but I didn’t actually know Red Hat 7 was going away.”

AI Is Going Great (Or, How ML Makes All It's Money)

03:58 Hello GPT-4o
  • Open AI has launched their GPT-4o (o for Omni) model which can reason across audio, vision and text in real time.
  • The new model can accept input combinations of text, audio and image and generates any combination as output. It can respond to audio inputs in as little as 232 milliseconds, with an average of 320 milliseconds, similar to human response time in conversation.
  • It matches GPT-4 Turbo performance on text in English and code, with significant improvements on text in non-English languages, while also being much f

Smashing Security
iPhone undeleted photos, and stealing Scarlett Johansson's voice

May 22, 2024 | 55:46


iPhone photos come back from the dead! Scarlett Johansson sounds upset about GPT-4o, and there's a cockup involving celebrity fakes.

All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by special guest Anna Brading of Malwarebytes.

Plus! Don't miss our featured interview with Sandy Bird of Sonrai Security.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
  • When NASA Lost a Spacecraft Due to a Metric Math Mistake - Simscale.
  • The worst sales promotion in history - The Hustle.
  • Nonconsensual AI Porn Maker Accidentally Leaks His Customers' Emails - 404 Media.
  • UK's Ministry of Defence fined after Bcc email blinder that put the lives of Afghan citizens at risk - Hot for Security.
  • £200,000 fine for exposing possible child abuse victims in classic Cc/Bcc email blunder - Graham Cluley.
  • Apple's Photo Bug Exposes the Myth of 'Deleted' - Wired.
  • OpenAI Voice Scandal: Sky's Fall From Grace - YouTube.
  • How the voices for ChatGPT were chosen - OpenAI.
  • As AI becomes more human-like, experts warn users must think more critically about its responses - CBC News.
  • What We Lose When ChatGPT Sounds Like Scarlett Johansson - The New York Times.
  • Scarlett Johansson's Statement About Her Interactions With Sam Altman - The New York Times.
  • Kin TV series - Wikipedia.
  • Portal connecting Dublin and New York 'reawakens' under new restrictions after 'inappropriate behaviour' - Sky News.
  • How to cook the perfect chicken rendang – recipe - The Guardian.
  • Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

The Cloud Pod
259: If Only All My Disasters Could Be Managed

May 15, 2024 | 60:41


Welcome to episode 259 of the Cloud Pod podcast – where the forecast is always cloudy! This week your hosts Justin, Matthew, and Jonathan and Ryan (yes, all 4!) are covering A LOT of information – you're going to want to sit down for this one. This week's agenda includes unnecessary Magic Quadrants, SecOps, Dataflux updates, CNAME chain struggles, and an intro into Phi-3 – plus so much more!

Titles we almost went with this week:
  • GKE Config Sync or the Auto Outage for K8 Feature
  • If only all my disasters could be managed
  • The Cloud Pod builds a Rag Doll
  • Understanding Dataflux has given me reflux
  • Oracle continuing the trend of adding AI to everything even databases
  • A new way to burn your money on the cloud which isn't even your fault
  • Google Gets a Magic Quadrant Participation Trophy
  • We're All Winners to Magic Quadrant
  • Don't be a giant DNAME

A big thanks to this week's sponsor: Big thanks to Sonrai Security for sponsoring today's podcast! Check out Sonrai Securities’ new Cloud Permission Firewall. Just for our listeners, enjoy a 14 day trial at https://sonrai.co/cloudpod

General News

00:33 Dropbox dropped the ball on security, hemorrhaging customer and third-party info
  • Dropbox has revealed a major attack on its systems that saw customers’ personal information accessed by unknown and unauthorized entities.
  • The attack, detailed in a regulatory filing, impacted Dropbox Sign, a service that supports e-signatures similar to Docusign.
  • The threat actor had accessed data related to all users of Dropbox Sign, such as emails and usernames, in addition to general account settings.
  • For a subset of users, the threat actor accessed phone numbers, hashed passwords and certain authentication information such as API keys, OAuth tokens and multi-factor authentication.
  • To make things *extra* worse – if you never had an account but received a signed document your email and name has also been exposed. Good times.
  • Want to read the official announcement? You can find it here.

03:06 Jonathan- “It’s unfortunate that it was compromised. It was their acquisition, wasn’t it – ‘HelloSign' that actually had the defect, not their main product at least.”

05:44 VMware Cloud on AWS – here today, here tomorrow
  • Last week at recording time Matt mentioned the VMWare Cloud on AWS rumors on twitter that Broadcom was terminating.
  • Hock Tan, President and CEO of Broadcom wrote a blog post letting you know that VMWare Cloud on AWS is Here today, and here tomorrow.
  • He says the reports have been false, and contends that the offering would be going away forcing unnecessary concern for their loyal customers who have used the se

Cloud Security Podcast
Why Least Privilege Matters in Cloud Security?

May 14, 2024 | 26:45


What's the best way to navigate least privilege complexities in a multi cloud environment? And how is the role of identity management evolving? We spoke to Jeff Moncrief from Sonrai Security on why identity is the new network in the cloud-driven world. We speak about the challenges of implementing least privilege in cloud environments, the misconceptions surrounding identity roles, and the critical importance of segmenting access across public clouds just as rigorously as we did on-premises.

Guest Socials: Jeff's Linkedin

Podcast Twitter - @CloudSecPod

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
  • Cloud Security Podcast- Youtube
  • Cloud Security Newsletter
  • Cloud Security BootCamp

Questions asked:
  • (00:00) Introduction
  • (01:59) A bit about Jeff
  • (03:01) How is identity different in the Cloud?
  • (05:40) Misconceptions about least privilege in the cloud
  • (08:50) Cloud Native solutions for Permission Attack Surface Management
  • (15:36) Common themes when addressing privilege in Cloud
  • (17:22) Starting point when dealing with identities
  • (20:03) Frameworks when working through least privilege
  • (23:21) Showing ROI on doing least privilege

Defense in Depth
Scaling Least Privilege for the Cloud

May 2, 2024 | 35:00


All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining us is our sponsored guest, Sandy Bird, co-founder and CTO, Sonrai Security.

In this episode:
  • Why does scaling least privilege in the cloud remain challenging?
  • Is throwing more people at the problem feasible?
  • How are you managing it?
  • What aspects haven't been considered?

Thanks to our podcast sponsor, Sonrai Security
A one-click solution that removes excessive permissions and unused services, quarantines unused identities, and restricts specific regions within the cloud. Later, maintain this level of security by automatically enforcing policies as new accounts, roles, permissions, and services are added to your environment. Start a free trial today! sonrai.co/ciso

Screaming in the Cloud
Firewalls, Zombies, and Cloud Permissions Security with Sandy Bird

May 2, 2024 | 37:25


On this Featured Guest episode of Screaming in the Cloud, Corey is joined by Sandy Bird, Co-Founder and CTO of Sonrai Security. The two discuss the current state of cloud permissions security, and Sandy details the company's breakthrough Cloud Permissions Firewall which promises fast and scalable cloud least privilege all with one click. Corey and Sandy also talk about bunk AWS tools in this space, the insanely high “zombie” population in the cloud, and how Sonrai works for companies of all sizes.

Highlights:
  • (00:00) Welcome to Screaming in the Cloud with Corey Quinn
  • (00:50) Sponsored Ad
  • (01:32) Exploring Sonrai Security's Mission and Challenges
  • (03:38) Introducing the Cloud Permissions Firewall Concept
  • (05:59) Comparing Cloud Providers' Permissions Models
  • (09:49) Sponsored Ad
  • (10:12) Addressing the Zombie Identity Problem
  • (16:44) Scaling Solutions for Different Company Sizes
  • (20:10) Navigating Cloud Security Challenges
  • (23:38) Innovative Approaches to Permission Management
  • (25:27) Optimizing Permission Requests with Statistics
  • (27:04) Improving Cloud Security with Permissions on Demand
  • (35:15) Concluding Thoughts and Contact

About Sandy:
Sandy Bird is the co-founder and CTO of Sonrai Security, helping enterprises protect their data by securing cloud identities and access. Sandy was the co-founder and CTO of Q1 Labs, which was acquired by IBM in 2011. At IBM, Sandy became the CTO for the global security business and worked closely with research, development, marketing and sales to develop new and innovative solutions to help the IBM Security business grow to ~$2B in annual revenue. He is a trusted and experienced cloud security expert.

Links referenced:
  • Sonrai Security Website: https://sonrai.co/screaming-cloud
  • Free 14-Day Trial: https://sonrai.co/screaming-trial
  • Sandy's LinkedIn: https://www.linkedin.com/in/sandy-bird-835b5576/

Sponsor
  • Sonrai Security: https://sonrai.co/screaming-cloud

The Cloud Pod
255: Guess What's Google Next? AI, AI, and Some More AI!

Apr 17, 2024 | 37:23


Welcome to episode 255 of the Cloud Pod podcast – where the forecast is always cloudy! This week your hosts, Justin, Jonathan, Matthew and Ryan are here to tackle the aftermath of Google Next. Whether you were there or not, sit back, relax, and let the guys dissect each day's keynote and the major announcements.

Titles we almost went with this week:
  • How About Some AI?
  • “The New Way to Cloud” is a Terrible TagLine (and is what happens when you let AI do your copy)
  • Welcome Google Cloud Next Where There is No Cloud, Just AI
  • Ok Google, did your phone go off?
  • For 100 dollars, guess how many AI stories Google Has This Week
  • From Search to Skynet: Google Cloud Next's Descent into AI Madness
  • ‘Next' Up from Google – AI!
  • Have Some Conference with Your AI

A big thanks to this week's sponsor: We've got a new sponsor! Sonrai Security. Check out Sonrai Securities’ new Cloud Permission Firewall. Just for our listeners, enjoy a 14 day trial at sonrai.co/cloudpod

GCP – Google Next 2024

We're jumping right into GCP this week, so we can talk about all things Google Next.

01:44 First impressions: Vegas > Moscone, so take that Vegas.
  • Both Ryan and Justin agree that Vegas is much better than the Moscone center in San Francisco for Google Next
  • The Sessions were well organized, but Ryan is a little tired from walking back and forth between them. Exercise is tiring!
  • Vegas infrastructure was well utilized, something Amazon didn't do as well.
  • Folks staying at area hotels that *weren’t* Mandalay Bay had some issues with trying to get onto / off property at the beginning and end of the day.
  • Free coffee is still available. *If you can find it.
  • Expo hall felt cramped

08:22 Thoughts on the Keynote Address
  • Note: Not enough space in the arena for keynotes; the arena holds approx. 12k; numbers released by Google say there were 30k in attendance.
  • Thomas Kurian kicked off the keynote, introduced their new tagline “The New Way to Cloud”
  • Sundar: Months can feel like decades in the cloud… WORD.
  • 36B revenue run rate
  • Kurian did a rapid fire announcement of all the things coming – which required Justin to rewatch just to get them all.

A3 Mega Nvidia H100 GPUs Nvidia GB200 NVL72 (in early 2025) TPU v5p GA Hyperdisk ML for Inference Cloud Storage Fuse Caching GA Parallel Store Caching AI Hypercomputer Dynamic Workload Scheduler Nvidia GPU Support for GDC Google Distributed Cloud GKE Enterprise for GDC AI Models on GDC Vector Search on GDC Vertex AI Solutions with GDC Secret and Top Secret

Identity At The Center
#275 - IDAC Sponsor Spotlight - Sonrai Security

Apr 17, 2024 | 52:41


In this episode, Jim and Jeff welcome back Sandy Bird, the CTO and Co-Founder of Sonrai Security, for a sequel to their first sponsor spotlight. Sandy returns to discuss the groundbreaking Cloud Permissions Firewall with Permissions on Demand. The trio dives into how this new solution revolutionizes the way organizations can clamp down on excessive cloud permissions, streamline operations, and secure their cloud environments with unprecedented speed and efficiency. The discussion illuminates the concept of "default deny," the exhilaration of zapping "zombie" identities, and the seamless integration with cloud native tools. Sandy also shares insights on how customers can measure success with Sonrai's solution and the significant security benefits provided.

For a visual walkthrough of Sonrai's Cloud Permissions Firewall, visit http://sonrai.co/idac to see the demo in action and learn how you can try it out with a 14-day free trial. And if you're at RSA, AWS re:Inforce, or Gartner IAM, look for the Sonrai Security booth and experience the epiphany moment for yourself.

  • Connect with Sandy on LinkedIn: https://www.linkedin.com/in/sandy-bird-835b5576
  • Learn more about Sonrai Security: https://sonrai.co/idac
  • Introducing the Cloud Permissions Firewall (YouTube): https://www.youtube.com/watch?v=ffQbM6KGDbY

Connect with us on LinkedIn:
  • Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
  • Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at idacpodcast.com and follow @IDACPodcast on Twitter.

Episode Keywords
Identity And Access Management (Iam), Cloud Security, Aws, Azure, Gcp (Google Cloud Platform), Least Privilege, Identity Risk, Cloud Permissions Firewall, Infrastructure As Code, Security Operations (Secops), Cloud Operations (Cloudops), Permissions Management, Excessive Privileges, Zombie Identities, Identity Governance, Access Analyzer, Sensitive Permissions, Role-Based Access Control (Rbac), Service Control Policies (Scp), Cloud Native Security

The Cloud Pod
TCP Talks: Sandy Bird, Sonrai Security

The Cloud Pod

Play Episode Listen Later Apr 12, 2024 39:44


A bonus episode of The Cloud Pod may be just what the doctor ordered, and this week Justin and Jonathan are here to bring you an interview with Sandy Bird of Sonrai Security. There's so much going on in the IAM space, and we're really happy to have an expert in the studio with us this week to talk about some of the security least privilege specifics.
Background
Sonrai (pronounced Son-ree, which means data in Gaelic) was founded in 2017. Sonrai provides Cloud Data Control, and seeks to deliver a complete risk model of all identity and data relationships, which includes activity and movement across cloud accounts, providers, and third party data stores.
Meet Sandy Bird, Co-founder of Sonrai Security
Sandy is the co-founder and CTO of Sonrai, and has a long career in the tech industry. He was the CTO and co-founder of Q1 Labs, which was acquired by IBM in 2011, and helped to drive IBM security growth as CTO for global business security there.
Interview Notes:
One of the big questions we start the interview with is just how has IAM evolved – and what kind of effect have those changes had on the identity models?
Enterprise wants things to be least privilege, but it's hard to find the logs. In cloud, however, *most* things are logged – and so least privilege became an option.
Sonrai offers the first cloud permissions firewall, which enables one click least privilege management, which is important in the current environment where the platforms operate so differently from each other. With this solution, you have better control of your cloud access, limit your permissions, attack surface, and automate least privilege – all without slowing down DevOps.
Is the perfect policy achievable? Sandy breaks it between human identities and workload identities; they're definitely separate. He claims that in workload identities the perfect policy is probably possible. Human identity is hugely sporadic; however, it's important to at least try to get to that perfect policy, especially when dealing with sensitive information. One of the more interesting data pieces they found was that less than 10% of identities with sensitive permissions actually used them – and you can use the information to balance out actually handing out permissions versus a one time use case.
Sonrai spent a lot of time looking at new solutions to problems with permissions; part of this includes purpose-built integration, offering a flexible open GraphQL API with prebuilt integrations.
Sonrai also offers continuous monitoring, providing ongoing intelligence on all the permission usage – including excess permissions – and enables the removal of unused permissions without any sort of disruptions. Policy automation automatically writes IAM policies tailored to access needs, and simplifies processes for teams.
On demand access is another tool that gives on demand requests for permissions that are restricted with a quick and efficient process.
Quotes from today's show
Sandy: “The unbelievably powerful model in AWS can do amazing things, especially when you get into some of the advanced conditions – but man, for a human to understand what all this stuff is, is super hard. Then you go to the Azure model, which is very different. It's an allow first model. If you have an allow anywhere in the tree, you can do whatever is asked, but there's this hierarchy to the whole thing, and so when you think you want to remove something you may not even be removing it, because something above may have that permission anyway. It's a whole different model to learn there.”
Sandy: “Only like 8% of those identities

Identity At The Center
#251 - IDAC Sponsor Spotlight - Sonrai Security with Sandy Bird

Identity At The Center

Play Episode Listen Later Dec 13, 2023 57:45


In this episode of "Sponsor Spotlight," a special fully sponsored episode of The Identity at the Center podcast, Jim and Jeff introduce a new series that shines a spotlight on specific solutions in the digital identity space. As hosts, they delve into the world of identity security with Sonrai Security and explore their points of view in the digital identity industry. Jim and Jeff, along with their guest Sandy Bird, Co-founder and CTO of Sonrai Security, discuss key topics such as the motivation behind Sonrai Security's inception, their unique positioning in the cybersecurity landscape, and the challenges they aim to address. They also dive into Sonrai Security's approach to securing cloud identities, highlighting the four steps outlined in their blog post linked below. Throughout the episode, Jim, Jeff, and Sandy provide their insights and perspectives on the importance of identity security. Tune in to gain a deeper understanding of Sonrai Security and the broader cybersecurity landscape. Connect with Sandy on LinkedIn: https://www.linkedin.com/in/sandy-bird-835b5576 Learn more about Sonrai Security: https://sonraisecurity.com/ Cloud Identity Diagnostic: https://sonraisecurity.com/cloud-identity-diagnostic/ 4 Steps to Secure Cloud Identities If You're Stuck: https://sonraisecurity.com/blog/4-steps-to-secure-cloud-identities-if-youre-stuck/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com and follow @IDACPodcast on Twitter.

Breaking Through in Cybersecurity Marketing
Demand Gen Strategies: Insights from Sonrai Security's Joseph Barringhaus

Breaking Through in Cybersecurity Marketing

Play Episode Listen Later Oct 18, 2023 24:58


In this episode, Joseph Barringhaus, Director of Demand Generation at Sonrai Security, joins Maria and Gianna to discuss all things demand gen. Sonrai Security is a cloud security startup that focuses on identity, access, and permission in the cloud. To begin, Joseph shares that he has been in the world of cybersecurity and cloud for some time. The ability to build things from the ground up is what he has loved most about working at startups. Then, he explains his current role as Director of Demand Gen at Sonrai. He is responsible for creating awareness for the company's products first and foremost, while also making sure that awareness is brought into the pipeline. Thanks to Sonrai's close relationship with their sales team, Joseph is able to work closely with the entire funnel all the way through the customer journey. His strategy focuses on content syndication and later-stage funnel indicators. He clarifies that he is not in favor of un-gating everything. On the flip side, when things do come out that promote the company, like an e-book, Sonrai will typically un-gate the content to encourage more people to read it. More often than not, Joseph is an advocate for un-gating the things that he and his team put lots of time and effort into. Then, Joseph unpacks MQL and demand gen. Sharing his perspective on brand awareness, Joseph stresses the importance of finding your market audience and the appropriate balance for your specific company. There is real value in knowing where someone remembers you from, which of your marketing strategies did and didn't work, and how many touches it took for a customer to recognize the brand. Before wrapping up, Joseph shares his best advice for making time in the week for product knowledge and learning. In addition to keeping a detailed calendar, Joseph maintains a close relationship with the sales team to hear about what the market is saying through the team. 
Finally, our guest and hosts engage in a fun guessing game to reveal what career Joseph would pursue outside of the cybersecurity marketing field.   Links: Learn more about Joseph Barringhaus. Follow Gianna on LinkedIn. Catch up with Maria on LinkedIn. Join the Cybersecurity Marketing Society on our website, and keep up with us on Twitter.  

Paul's Security Weekly
Risk Management in the Cloud Starts with Identities - Eric Kedrosky - BSW #322

Paul's Security Weekly

Play Episode Listen Later Oct 3, 2023 54:09


As we move more infrastructure into the cloud, the traditional concepts of risk start to change. It's no longer just about networks and servers, but also needs to address identities and not just human identities. Cloud infrastructure introduces additional identity types that need to be addressed as part of your risk management program. Eric Kedrosky, CISO at Sonrai Security, joins us to discuss how to think differently about risk in the cloud. In the leadership and communications section, The CISO Carousel and its Effect on Enterprise Cybersecurity, CISOs are struggling to get cybersecurity budgets, Respectfully, I Disagree, and more!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/bsw-322

Business Security Weekly (Audio)
Risk Management in the Cloud Starts with Identities - Eric Kedrosky - BSW #322

Business Security Weekly (Audio)

Play Episode Listen Later Oct 3, 2023 54:09


As we move more infrastructure into the cloud, the traditional concepts of risk start to change. It's no longer just about networks and servers, but also needs to address identities and not just human identities. Cloud infrastructure introduces additional identity types that need to be addressed as part of your risk management program. Eric Kedrosky, CISO at Sonrai Security, joins us to discuss how to think differently about risk in the cloud. In the leadership and communications section, The CISO Carousel and its Effect on Enterprise Cybersecurity, CISOs are struggling to get cybersecurity budgets, Respectfully, I Disagree, and more!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/bsw-322

Paul's Security Weekly TV
Risk Management in the Cloud Starts with Identities - Eric Kedrosky - BSW #322

Paul's Security Weekly TV

Play Episode Listen Later Oct 2, 2023 28:53


As we move more infrastructure into the cloud, the traditional concepts of risk start to change. It's no longer just about networks and servers, but also needs to address identities and not just human identities. Cloud infrastructure introduces additional identity types that need to be addressed as part of your risk management program. Eric Kedrosky, CISO at Sonrai Security, joins us to discuss how to think differently about risk in the cloud. Show Notes: https://securityweekly.com/bsw-322

Business Security Weekly (Video)
Risk Management in the Cloud Starts with Identities - Eric Kedrosky - BSW #322

Business Security Weekly (Video)

Play Episode Listen Later Oct 2, 2023 28:53


As we move more infrastructure into the cloud, the traditional concepts of risk start to change. It's no longer just about networks and servers, but also needs to address identities and not just human identities. Cloud infrastructure introduces additional identity types that need to be addressed as part of your risk management program. Eric Kedrosky, CISO at Sonrai Security, joins us to discuss how to think differently about risk in the cloud. Show Notes: https://securityweekly.com/bsw-322

Security Unfiltered
Unraveling Cloud IAM One Role At A Time

Security Unfiltered

Play Episode Listen Later May 29, 2023 55:32 Transcription Available


In this episode I talk with Eric Kedrosky, the CISO of Sonrai Security. We discuss his journey into security and what it is like to be the CISO at a security vendor that is redefining IAM in the cloud.
This episode is sponsored by Sonrai Security. If you want to learn more about Sonrai Security then click the link below!
https://sonraisecurity.com/
The Imposter Syndrome Network Podcast: The Imposter Syndrome Network (ISN) is a community of technology professionals who...
Sonrai Security: Sonrai prides themselves on being able to reveal every over-privileged identity and all paths
Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.
Affiliate Links:
NordVPN: https://go.nordvpn.net/aff_c?offer_id=15&aff_id=87753&url_id=902
Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today

Cyber Security Headlines
GDPR turns 5, GitLab patches vulnerability, Russian industrial malware

Cyber Security Headlines

Play Episode Listen Later May 26, 2023 7:57


GDPR is 5 years old, and over 1 million people have asked to be forgotten GitLab security update patches critical vulnerability        Mysterious malware designed to cripple industrial systems linked to Russia   And now a word from our sponsor, Sonrai Security Did you know that 81% of breaches are due to compromised identities? It's a sobering statistic and one that enterprise organizations cannot afford to ignore. Sonrai Security has made a name for itself by securing enterprise clouds from the inside out, securing every identity, access, and permission in the cloud. Download Sonrai Security's new CIEM Buyer's Guide to learn more about fortifying your cloud from the inside out at sonraisecurity.com. For the stories behind the headlines, head to CISOseries.com.

Cyber Security Headlines
Week in Review: Industrial infrastructure threat, BEC attempts on the rise, TikTok's Texas progress

Cyber Security Headlines

Play Episode Listen Later May 26, 2023 23:35


Cyber Security Headlines – Week in Review, May 22-26, is hosted by Rich Stroffolino with our guest, Rich Greenberg, ISSA Distinguished Fellow and Honor Roll. Thanks to our show sponsor, Sonrai Security. Did you know that 81% of breaches are due to compromised identities? It's a sobering statistic and one that enterprise organizations cannot afford to ignore. Sonrai Security has made a name for itself by securing enterprise clouds from the inside out, securing every identity, access, and permission in the cloud. Download Sonrai Security's new CIEM Buyer's Guide to learn more about fortifying your cloud from the inside out at sonraisecurity.com. All links and the video of this episode can be found on CISO Series.com

Cyber Security Headlines
Google launches GUAC, Barracuda zero-day, campaign targets Kenyan debt

Cyber Security Headlines

Play Episode Listen Later May 25, 2023 7:03


Google launches GUAC Barracuda gateways breached by zero-day Cyberattacks focus on Kenya's Chinese debt And now a word from our sponsor, Sonrai Security Did you know that 81% of breaches are due to compromised identities? It's a sobering statistic and one that enterprise organizations cannot afford to ignore. Sonrai Security has made a name for itself by securing enterprise clouds from the inside out, securing every identity, access, and permission in the cloud. Download Sonrai Security's new CIEM Buyer's Guide to learn more about fortifying your cloud from the inside out at sonraisecurity.com.

Cyber Security Headlines
TikTok sues Montana, US sanctions orgs behind North Korea's 'illicit' IT worker army, Fake Twitter images spook stock market

Cyber Security Headlines

Play Episode Listen Later May 24, 2023 8:08


TikTok sues Montana after state bans app US sanctions orgs behind North Korea's ‘illicit' IT worker army Fake images on Twitter briefly spook the stock market And now a word from our sponsor, Sonrai Security Did you know that 81% of breaches are due to compromised identities? It's a sobering statistic and one that enterprise organizations cannot afford to ignore. Sonrai Security has made a name for itself by securing enterprise clouds from the inside out, securing every identity, access, and permission in the cloud. Download Sonrai Security's new CIEM Buyer's Guide to learn more about fortifying your cloud from the inside out at sonraisecurity.com. For the stories behind the headlines, visit CISOseries.com.

Cyber Security Headlines
Meta's Record EU fine, China bans Micron, Tornado Cash hacked

Cyber Security Headlines

Play Episode Listen Later May 23, 2023 7:16


Meta receives record fine over EU data transfers China bans Micron over cybersecurity risks Crypto mixer hijacked And now a word from our sponsor, Sonrai Security Did you know that 81% of breaches are due to compromised identities? It's a sobering statistic and one that enterprise organizations cannot afford to ignore. Sonrai Security has made a name for itself by securing enterprise clouds from the inside out, securing every identity, access, and permission in the cloud. Download Sonrai Security's new CIEM Buyer's Guide to learn more about fortifying your cloud from the inside out at sonraisecurity.com.

Cyber Security Headlines
HP's bricked printers, PyPi repository attack, Samsung security flaw

Cyber Security Headlines

Play Episode Listen Later May 22, 2023 7:37


HP rushes to fix bricked printers after faulty firmware update PyPI repository under attack: User sign-ups and package uploads temporarily halted  New security flaw exposed in Samsung devices And now a word from our sponsor, Sonrai Security Did you know that 81% of breaches are due to compromised identities? It's a sobering statistic and one that enterprise organizations cannot afford to ignore. Sonrai Security has made a name for itself by securing enterprise clouds from the inside out, securing every identity, access, and permission in the cloud. Download Sonrai Security's new CIEM Buyer's Guide to learn more about fortifying your cloud from the inside out at sonraisecurity.com. For the stories behind the headlines, head to CISOseries.com.

Security Unfiltered
Sponsorship & Protecting Your Money

Security Unfiltered

Play Episode Listen Later May 12, 2023 34:36


In this episode I discuss the sponsorship with Sonrai Security & how to best protect your money when you become a higher income earner. I am by no means an expert, I am not a financial advisor in any way, shape or form. I am only speaking purely from experience. If you want to watch the video go check out the podcast on YouTube at the link below!
The Imposter Syndrome Network Podcast: The Imposter Syndrome Network (ISN) is a community of technology professionals who...
Affiliate Links:
NordVPN: https://go.nordvpn.net/aff_c?offer_id=15&aff_id=87753&url_id=902
Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today

Secure Talk - Cybersecurity
How to Implement an Effective Cloud Risk Management Strategy

Secure Talk - Cybersecurity

Play Episode Listen Later Apr 25, 2023 42:06


Eric Kedrosky, CISO at Sonrai Security, talks about some specific steps companies can take to implement an effective cloud risk management strategy. He discusses topics including identity management, data discovery, cloud security, and vulnerability management. Sonrai Security https://sonraisecurity.com/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/ Youtube https://youtu.be/9rxhtvuQac4

Brilliance Security Magazine Podcast
Lessons Learned From the LastPass Attack

Brilliance Security Magazine Podcast

Play Episode Listen Later Apr 10, 2023 22:37


Welcome to S5E6 of the Brilliance Security Magazine Podcast, where we bring you interviews with top security professionals in the industry. In this episode, our host Steve Bowcut is joined by Eric Kedrosky, the CISO at Sonrai Security, to discuss the recent LastPass cyber attack. Eric and Steve dive into the details of how the attack was discovered, the root causes of the breach, and what lessons security professionals can take away from this event. Join us for this insightful conversation on the latest threat to our cybersecurity. About our Guest Over the last two decades, Eric Kedrosky has honed his knowledge of Security Program Development, Security Strategy, Security Assessment, Research & Policy Development, and Leadership Development. His passion for collaborating with customers and executives has made him a crucial member of the Sonrai Security team. Few people have the combination of technical and communication skills that have pushed him to the forefront of cloud security assessment and development. Eric graduated from Carleton University in Ottawa, Canada, with a Bachelor of Computer Systems Engineering.

SecurPod
Making the Cloud an Easy Transition from On-Prem

SecurPod

Play Episode Listen Later Apr 10, 2023 28:42


In this installment, Ralph C. Jensen, publisher of Security Today magazine, talks with Eric Kedrosky, chief information security officer at Sonrai Security. Discussion centers on what makes the cloud difficult, how the scale and speed at which the cloud operates impact security practices, as well as common mistakes organizations might make when moving from on-prem to the cloud. They also discuss what organizations can do right away to minimize further impact from a breach. Overall, education and training are a must for an organization to successfully navigate to the cloud.

Bite Size Sales
194: How to know if a prospect is an innovator

Bite Size Sales

Play Episode Listen Later Mar 2, 2023 11:55 Transcription Available


Cybersecurity startups do best when their prospects are innovators: people and companies who are able to buy from and work with startups and less mature technology. But how do you know if your prospects are innovators? This episode covers one way to qualify prospects by just asking a few simple questions.
Here's what I cover:
1. Example questions to ask your prospect to determine if they are innovators and able to work with you without wasting time and effort
2. Tips on when and how to ask those questions
3. Strategies for being upfront with buyers to show you are someone they can trust
Sponsor
This episode was brought to you by IT-Harvest. With over 3,200 vendors in cybersecurity, it is hard to keep track of all the latest developments as well as researching and analyzing categories and subcategories…that's where the IT-Harvest cybersecurity platform comes in. IT-Harvest is the first and only research platform dedicated to cybersecurity. And it's run by Richard Stiennon who has done it all in cybersecurity. Find out more by going to salesbluebird.com/research
Other episodes you'll enjoy:
6 reasons security leaders buy from startups
Denise Hayman, CRO at Sonrai Security talks journey in cyber security and her biggest learnings
Jay Wallace, VP of Worldwide Sales at Rumble, on building a sales team
Action:
You know how every podcast host asks you to rate and review their podcast but doesn't tell you how and where to actually do that?! Well, I've made it easy for you! If you enjoy the podcast, please could you give a review with this easy-to-use tool by going to Salesbluebird.com/R. It would mean a lot to me personally and it helps grow the podcast.
Connect with me:
YouTube: https://www.youtube.com/@salesbluebird
Twitter: https://www.twitter.com/unstoppable_do
LinkedIn: https://www.linkedin.com/in/andrewmonaghan

Secure Ventures with Kyle McNulty
Sonrai Security: Eric Kedrosky on being a Security Vendor CISO

Secure Ventures with Kyle McNulty

Play Episode Listen Later Nov 1, 2022 39:06


Eric:
CISO at Sonrai Security, a leader in cloud native security
Ex-director of security and IT at Verafin
Almost 20 years of experience in cybersecurity
Check out the episode for our discussion on the unique elements of his dual-role and his quick-hit thoughts on what's next for cloud security.
Links: https://sonraisecurity.com/ trust.safebase.io

Talking Cloud with an emphasis on Cloud Security
43-The New Talking Cloud Podcast-audio only -Eric Kedrosky of Sonrai Security and Spyderbat in our Startup Standup!

Talking Cloud with an emphasis on Cloud Security

Play Episode Listen Later Jul 14, 2022 92:25


Patrick and I are back with this week's news, Eric Kedrosky of Sonrai Security as our guest, and Spyderbat in our Startup Standup segment! We are getting our kinks worked out...We hope you tune in and subscribe! Watch Episode #43 NOW! Subscribe today!!   

Cyber CEOs Decoded
Brendan Hannigan: Sonrai Security CEO

Cyber CEOs Decoded

Play Episode Listen Later Apr 28, 2022 40:28


In this episode, Marc talks with Sonrai Security's Brendan Hannigan on how he went from security guard on a Jack Nicholson movie set to cybersecurity CEO. Trained as a coder, learn how his early days at Forrester Research honed Brendan's skills in understanding marketplace fit and fueled his passion to go out and start building things. Brendan went on to lead Q1 Labs until they were acquired by IBM, where he joined as the GM of the newly formed IBM Security. That journey led him to his current role, CEO of Sonrai Security, where he and his team are changing the way organizations secure the cloud.
You'll also learn about:
Why the complexities of being a Cyber CEO haven't changed in decades
The origins of the term security intelligence
The fulfillment of saying "OK sure, I'll try that"
Why CISOs may not need to "shift left" but they have to shift somewhere

Bite Size Sales
113: Denise Hayman, CRO at Sonrai Security talks journey in cyber security and her biggest learnings

Bite Size Sales

Play Episode Listen Later Mar 29, 2022 47:01


Today on the podcast we have our special guest, Denise Hayman, CRO at Sonrai Security. In this episode, we are talking about her experience in the cyber security industry and learning the different takeaways that she kept from each of her roles in different companies. With the pressure to constantly bring in numbers, it's important to think about what your priorities are and how you will work effectively with them.
Denise tells us that just because someone may have only been successful in one company, it doesn't mean that they can't be successful in a different company, but they need to have the right motivation, the right coachability and the right desire to do something different. When it comes to the sales process she experienced in her career, there was a very formal qualification process and a formal kickoff to the POC, that involved socializing with the executives to make sure that there was going to be buy in. Denise stresses that having the basics in place is extremely important, and with most companies they are not consistent with keeping up with the process that needs to happen to make sure you're speaking to the right people in the sales process. If you have an open mind about each company to understand what's going on in each one you will be able to see how you can best use your skill sets to benefit the company. When you rise above the noise and go the extra mile, you will be able to flourish. Tune into the episode to hear more about Denise's experience and how you can implement some of her greatest learnings into your career journey!
If you are a sales leader at a startup, or you're in the sales team, and you're searching for your repeatable scalable sales process to grow sales faster, then please get in touch with me at andrew@unstoppable.do or you can also go to my site at www.unstoppable.do. Sign up for our newsletter (https://www.salesbluebird.com)
We want your questions and topic suggestions for future episodes. Send them to andrew@unstoppable.do or send us a voice/video at https://zipmessage.com/unstoppable
Support the show (http://www.unstoppable.do)

ISTARI Voices: Demystifying Zero Trust
Ep. 108 - Jeff Moncrief

ISTARI Voices: Demystifying Zero Trust

Play Episode Listen Later Mar 15, 2022 33:40


In this episode, Don talks with Jeff Moncrief, Field CTO & Director of Sales Engineering at Sonrai Security, about the challenges of Zero Trust in the cloud, and how the security paradigm should shift from devices and boundaries to identity.

Cyber Security Headlines
September 17, 2021

Cyber Security Headlines

Play Episode Listen Later Sep 17, 2021 8:07


New Windows security updates break network printing Bitdefender releases decryptor as REvil shows signs of return Biden announces joint deal with U.K. and Australia to counter China Thanks to our episode sponsor, Sonrai Are you a security expert who's afraid to admit you don't know what the heck is going on in your cloud? Relax. Public cloud security is overwhelming. Figuring out where to start, and what to do to track and improve your security posture, is the first step. Sonrai tracks everything in your cloud - sensitive data, identities, and platform configuration - and tells you what issues are most important, plus it measures improvement over time. Talk to Sonrai Security to learn more. For the stories behind the headlines, head to CISOseries.com

Cyber Security Headlines
September 15, 2021

Cyber Security Headlines

Play Episode Listen Later Sep 15, 2021 7:51


Apple issues urgent updates to fix new zero-day linked to Pegasus spyware Update Google Chrome to patch 2 new zero-day flaws under attack New Zloader attacks disable Windows Defender to evade detection Thanks to our episode sponsor, Sonrai Sonrai is Gaelic for data - and that's what Sonrai Security is all about. Finding, classifying, and locking down sensitive data in AWS, Azure, or Google Cloud. Sonrai can see every identity's path to every piece of data - continuously. Learn more at sonraisecurity.com. For the stories behind the headlines, head to CISOseries.com.

Cyber Security Headlines
September 14, 2021

Cyber Security Headlines

Play Episode Listen Later Sep 14, 2021 6:43


SSID Stripping is a new take on spoofing Industrial control systems hammered by cyber attacks Olympus has fallen...to ransomware Thanks to our episode sponsor, Sonrai Are you a security expert who's afraid to admit you don't know what the heck is going on in your cloud? Relax. Public cloud security is overwhelming. Figuring out where to start, and what to do to track and improve your security posture, is the first step. Sonrai tracks everything in your cloud - sensitive data, identities, and platform configuration - and tells you what issues are most important, plus it measures improvement over time. Talk to Sonrai Security to learn more.

Cyber Security Headlines
September 13, 2021

Cyber Security Headlines

Play Episode Listen Later Sep 13, 2021 8:19


Windows MSHTML zero-day exploits shared on hacking forums REvil ransomware operators targeting new victims Yandex pummeled by Meris DDoS botnet Thanks to our episode sponsor, Sonrai Are you a security expert who's afraid to admit you don't know what the heck is going on in your cloud? Relax. Public cloud security is overwhelming. Figuring out where to start, and what to do to track and improve your security posture, is the first step. Sonrai tracks everything in your cloud - sensitive data, identities, and platform configuration - and tells you what issues are most important, plus it measures improvement over time. Talk to Sonrai Security to learn more. For the stories behind the headlines, head to CISOseries.com.
