logo
episode-header-image
May 2024
26m 45s

Why Least Privilege Matters in Cloud Sec...

Cloud Security Podcast Team
About this episode

What's the best way to navigate least privilege complexities in a multi cloud environment? And how is the role of identity management evolving? We spoke to Jeff Moncrief from Sonrai Security on why identity is the new network in the cloud-driven world. We speak about the challenges of implementing least privilege in cloud environments, the misconceptions surrounding identity roles, and the critical importance of segmenting access across public clouds just as rigorously as we did on-premises.


Guest Socials: Jeff's Linkedin

Podcast Twitter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp


Questions asked:

(00:00) Introduction

(01:59) A bit about Jeff

(03:01) How is identity different in the Cloud?

(05:40) Misconceptions about least priviledge in the cloud

(08:50) Cloud Native solutions for Permission Attack Surface Management

(15:36) Common themes when addressing privilege in Cloud

(17:22) Starting point when dealing with identities

(20:03) Frameworks when working through least privilege

(23:21) Showing ROI on doing least privilege

Up next
Nov 18
How to Build Trust in an AI SOC for Regulated Environments
<p>How do you establish trust in an AI SOC, especially in a regulated environment? <a href="https://www.linkedin.com/in/grant-oviatt-882111a0/" target="_blank" rel="noopener noreferer">Grant Oviatt</a>, Head of SOC at P<a href="https://www.prophetsecurity.ai/" target="_blank" rel ... Show More
42m 15s
Nov 11
Threat Modeling the AI Agent: Architecture, Threats & Monitoring
Are we underestimating how the agentic world is impacting cybersecurity? We spoke to Mohan Kumar, who did production security at Box for a deep dive into the threats of true autonomous AI agents.The conversation moves beyond simple LLM applications (like chatbots) to the new worl ... Show More
47m 20s
Nov 4
AI is already breaking the Silos Between AppSec & CloudSec
The silos between Application Security and Cloud Security are officially breaking down, and AI is the primary catalyst. In this episode, Tejas Dakve, Senior Manager, Application Security, Bloomberg Industry Group and Aditya Patel, VP of Cybersecurity Architecture discuss how the ... Show More
1h 11m
Recommended Episodes
Feb 2025
Rethinking Cloud Security Strategies
Cloud security is more complex than ever. Organizations move fast, but security teams often struggle to keep up. In this episode of Threat Vector, host David Moulton speaks with Amol Mathur, SVP of Products for Prisma Cloud at Palo Alto Networks, about how platformization is resh ... Show More
35m 28s
Oct 2024
Balancing Security with Usability in Cybersecurity
In this episode of Threat Vector, host David Moulton talks with guest speaker Brian Wrozek, Forrester Principal Analyst in Security & Risk, about the complexities of aligning security strategies across global teams. Brian draws on his extensive experience in cybersecurity, operat ... Show More
41m 41s
Sep 2024
D2DO250: The Realities of Responsible Disclosure in the Cloud
Cloud security and responsible disclosure are the focus of today’s conversation with guest Kat Traxler. Kat shares her insights on identifying vulnerabilities in cloud services, particularly Google Cloud, and the importance of curiosity in her research. The episode explores the r ... Show More
32m 28s
Oct 11
The Role and Evolution of Virtual CISOs with Craig Taylor
In this episode of Cybersecurity Today, Jim hosts Craig Taylor, a seasoned virtual Chief Information Security Officer (vCISO) with over 25 years of experience. They discuss the evolution and significance of the vCISO role, Taylor's career path, and the founding of his company, Cy ... Show More
51m 54s
Feb 2025
The Role of Cybersecurity
<p dir="ltr">In this episode of Life of a CISO, Dr. Eric Cole dives deep into a critical question every cybersecurity professional must ask themselves: What is your real role? It's easy to hide behind job titles like "CISO" or "cybersecurity professional," but understanding the t ... Show More
29m 58s
Aug 20
Cybersecurity Breaches: Salesforce, Workday, and Critical Infrastructure Hacked
<p>In today's episode of 'Cybersecurity Today,' hosted by Jim Love, we cover several key issues in the cybersecurity landscape. Firstly, a breach involving Workday and social engineering attacks targeting Salesforce customers is discussed. Next, the risks posed by a recent Window ... Show More
9m 4s
Jun 2025
Cybersecurity Today: WestJet Cyber Incident, Anubis Ransomware Evolution, Discord Exploits, and Google Cloud Outage
Host David Shipley discusses several critical cybersecurity incidents and developments. WestJet, Canada's second-largest airline, faced a cybersecurity breach impacting its mobile app and internal systems. The airline is working with law enforcement to investigate while emphasizi ... Show More
11m 30s
Dec 2024
Behind the Scenes with Palo Alto Networks CIO and CISO Securing Business Success with Frictionless Cybersecurity
In this episode of Threat Vector, David Moulton speaks with Meerah Rajavel, CIO of Palo Alto Networks, and Niall Browne, CISO of the organization, about the importance of aligning IT strategy with cybersecurity.  Meerah and Niall discuss how frictionless security, AI integration ... Show More
39m 17s
Nov 2024
Bridging AI and Cybersecurity Gaps with Mileva Security Labs’ Harriet Farlow
Join us in this episode of Threat Vector as guest host Michael Heller shares his conversation with Harriet Farlow, CEO of Mileva Security Labs and a pioneer in AI security research. With a background spanning AI and national cybersecurity, Harriet shares her journey into adversar ... Show More
27m 17s
Listen to millions of songs and podcasts on Anghami