logo
episode-header-image
Aug 2024
36m 24s

Threat Modeling in the Cloud with Romina...

Richard Campbell
About this episode

What are the threats your cloud application and infrastructure are facing? While at NDC Oslo, Richard chatted with Daniela Cruzes and Romina Druta about their work building threat models for cloud-based applications. Daniela discusses how modeling helps to understand security concerns before applications are deployed and attacked - often, security retrofits are time-consuming and expensive, so thinking them through beforehand has enormous benefits. Romina dives into the supply chain side of threats - open-source libraries with backdoors, even down to development tools with malware. There are a lot of threats - but when you look, there are often great solutions as well. You'll need to collaborate with development to secure things, but security isn't optional and is worth fighting for.

Links

Recorded June 12, 2024

Up next
Yesterday
Building Real Software using PowerApps with Luise Freese
How does a PowerApp become a fully-fledged software application? Richard chats with Luise Freese about her experience of taking a PowerApp built by an individual through the "onboarding process" of becoming a complete software application, including requirements, tests, deploymen ... Show More
38m 35s
Jul 2
More Azure Innovations with Mark Russinovich
How has Azure been innovating lately? While at Build Richard chatted with Azure CTO Mark Russinovich about some of the latest innovations in Azure, including some of the new hardware available. Mark talks about working with hardware manufacturers to build servers optimized to the ... Show More
30m 18s
Jun 25
Getting More from GitHub with April Yoho
How do you get more from GitHub in your work routine? Richard chats with April Yoho about how sysadmins can take advantage of more GitHub features to make better quality scripts and more! April discusses the capabilities of GitHub Copilot to assist administrators in comprehending ... Show More
33m 10s
Recommended Episodes
Feb 2025
Rethinking Cloud Security Strategies
Cloud security is more complex than ever. Organizations move fast, but security teams often struggle to keep up. In this episode of Threat Vector, host David Moulton speaks with Amol Mathur, SVP of Products for Prisma Cloud at Palo Alto Networks, about how platformization is resh ... Show More
35m 28s
Aug 2024
Threat modeling LLM apps
If you have questions at the intersection of Cybersecurity and AI, you need to know Donato at WithSecure! Donato has been threat modeling AI applications and seriously applying those models in his day-to-day work. He joins us in this episode to discuss his LLM application securit ... Show More
54m 38s
Nov 2024
Cyber Espionage and Financial Crime: North Korea’s Double Threat
In this episode of Threat Vector, host David Moulton speaks with Assaf Dehan, Director of Threat Research at Palo Alto Networks’ Cortex team, about the rising cyber threat from North Korea. Dehan, a cybersecurity expert with over 18 years of experience, discusses the nation's str ... Show More
33m 28s
Oct 2024
Balancing Security with Usability in Cybersecurity
In this episode of Threat Vector, host David Moulton talks with guest speaker Brian Wrozek, Forrester Principal Analyst in Security & Risk, about the complexities of aligning security strategies across global teams. Brian draws on his extensive experience in cybersecurity, operat ... Show More
41m 41s
Sep 2024
Large Language Model (LLM) Risks and Mitigation Strategies
As machine learning algorithms continue to evolve, Large Language Models (LLMs) like GPT-4 are gaining popularity. While these models hold great promise in revolutionizing various functions and industries—ranging from content generation and customer service to research and develo ... Show More
28m 58s
May 29
Risk, Resilience and Real Talk with Sam Ainscow
In this episode of Threat Vector, host David Moulton speaks with Sam Ainscow, Group Chief Security Officer at Hill & Smith PLC. With over 20 years in cybersecurity, Sam shares his deep insights into cyber resilience, risk assessment, and incident response. He explains why a busi ... Show More
37m 45s
Nov 2024
Bridging AI and Cybersecurity Gaps with Mileva Security Labs’ Harriet Farlow
Join us in this episode of Threat Vector as guest host Michael Heller shares his conversation with Harriet Farlow, CEO of Mileva Security Labs and a pioneer in AI security research. With a background spanning AI and national cybersecurity, Harriet shares her journey into adversar ... Show More
27m 17s
May 28
This AI Tool Can Build Any SaaS App in Minutes
Episode 60: Can you really build an $8 billion SaaS startup by yourself using AI agents? Nathan Lands (https://x.com/NathanLands) sits down with Matan Grinberg (https://x.com/matansf), a physicist, AI founder, and creator of Factory AI—one of Silicon Valley’s best-kept secrets. M ... Show More
40m 47s
Apr 2024
The role of Real Time Defense in Cloud Security
In this episode from KubeCon Paris 2024, we spoke to Loris Degioanni, Co-Founder and CTO of Sysdig about Open Source Project, Falco that celebrated its graduation this year at KubeconEU, Loris shared with us this proud moment and journey from writing the 1st lines of code to its ... Show More
21m 35s
Aug 2024
Securing SMBs Serving Defense Industrial Base and U.S. Critical Infrastructure
In this episode, Chris Petersen, Co-Founder and CEO of RADICL, and I discuss the challenges of securing the small and medium-sized businesses (SMBs) that serve the United States defense industrial base (DIB) and critical infrastructure. These SMBs play a significant role in suppo ... Show More
40m 59s
Listen to millions of songs and podcasts on Anghami