logo
episode-header-image
Oct 2024
34m 22s

Traditional PAM vs Cloud CPAM for a clou...

Cloud Security Podcast Team
About this episode

In this episode of the Cloud Security Podcast, Ashish sat down with Art Poghosyan, CEO and co-founder of Britive, to explore the changing world of identity and access management (IAM) in the cloud era. With over two decades of experience in the identity space, Art breaks down the challenges of traditional Privileged Access Management (PAM) and how cloud-native environments require a rethinking of security strategies.

From understanding the complexities of cloud infrastructure entitlements to unpacking the differences between on-premise and cloud-based PAM, Art explains why "Identity is the new perimeter" and how modern organizations must adapt. They dive deep into the importance of Just-in-Time (JIT) access, non-human identities, and the critical role identity plays as the first and last line of defense in cloud security.


Guest Socials:⁠⁠ ⁠⁠⁠⁠⁠⁠Art's Linkedin

Podcast Twitter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp


Questions asked:

(00:00) Introduction

(01:53) A bit about Art

(02:51) What is IAM?

(04:02) What is Cloud Privilege Access Management?

(06:08) Why do we need CloudPAM in 2024?

(07:52) Non Human Identities

(08:39) Privilege in Cloud vs On Premise

(09:49) SAML vs PAM

(12:21) Just in Time provisioning in Cloud

(17:17) Making Access Management Developer Friendly

(19:12) What should security team be looking at ?

(21:22) Communicating IAM vulnerabilities

(23:45) Tactical steps to level up IAM

(27:20) Zero Trust and IAM

(30:56) Fun Questions

Up next
Aug 22
New Identity Blueprint for a Future with Cloud & AI
Identity is the root cause of over 70% of all security incidents, yet many organizations still rely on fundamentally flawed authentication methods. In this episode, Jasson Casey, CEO and co-founder of Beyond Identity, explains why even common forms of MFA are insufficient and why ... Show More
49m 44s
Aug 8
AI for SOC Automation: A Blueprint for the New world of Incident Response
The nature of Security Operations is changing. As cloud environments grow in complexity and data volumes explode, traditional approaches to detection and response are proving insufficient. This episode features an in-depth conversation with Kyle Polley, who leads the AI security ... Show More
52m 39s
Aug 7
The Truth About Agentic AI in the SOC: Reality vs. Hype
What does the integration of AI into a Security Operations Center (SOC) practically look like? This episode explores the concept of the "Agentic SOC," moving beyond marketing terms to discuss its real-world applications and limitations.Ashish Rajan is joined by Edward Wu, CEO of ... Show More
52m 39s
Recommended Episodes
Feb 2025
Rethinking Cloud Security Strategies
Cloud security is more complex than ever. Organizations move fast, but security teams often struggle to keep up. In this episode of Threat Vector, host David Moulton speaks with Amol Mathur, SVP of Products for Prisma Cloud at Palo Alto Networks, about how platformization is resh ... Show More
35m 28s
Sep 2024
D2DO250: The Realities of Responsible Disclosure in the Cloud
Cloud security and responsible disclosure are the focus of today’s conversation with guest Kat Traxler. Kat shares her insights on identifying vulnerabilities in cloud services, particularly Google Cloud, and the importance of curiosity in her research. The episode explores the r ... Show More
32m 28s
Apr 2025
Understanding SaaS Security: Insights, Challenges, and Best Practices
In this episode of Cybersecurity Today, host Jim Love delves into the topic of SaaS (Software as a Service) security. Sharing his early experiences promoting SaaS, Jim elaborates on its inevitable rise due to cost-effectiveness and shared development resources. The episode highli ... Show More
38m 5s
Apr 2025
D2DO271: Public Vs. Private Cloud In 2025
The shine has been coming off public cloud for awhile. Cloud costs remain high, complexity is growing, and public cloud interoperability is difficult. And while there’s talk about moving back to private cloud, that migration presents its own costs and complexities. To help us nav ... Show More
38m 33s
Oct 2024
Balancing Security with Usability in Cybersecurity
In this episode of Threat Vector, host David Moulton talks with guest speaker Brian Wrozek, Forrester Principal Analyst in Security & Risk, about the complexities of aligning security strategies across global teams. Brian draws on his extensive experience in cybersecurity, operat ... Show More
41m 41s
Jan 2024
2782: Demystifying Cloud Innovation: A Journey from GoDaddy to the Future of Cloud Computing
Have you ever wondered about the masterminds shaping the cloud computing landscape? In today's episode of Tech Talks Daily Podcast, we dive into the world of cloud innovation with a special guest, Darren Shepherd, the Chief Architect and co-founder of Acorn Labs. Darren's journey ... Show More
22m 10s
Jun 14
The Secret CISO: Navigating the Human and Technical Challenges in Cybersecurity
In this episode of 'Cybersecurity Today,' hosts John Pinard and Jim Love introduce their unique show, 'The Secret CISO,' which aims to dive deep into the lives and thoughts of CISOs and similar roles, beyond the usual interview-style format. The guest for this episode is Priya Mo ... Show More
51m 57s
Jul 2021
Day Two Cloud 106: Towards A More Open Cloud
On today's Day Two Cloud we discuss the notion of open cloud. The premise is about reducing or minimizing costs of migrating from a public cloud. In theory, open cloud lets organizations keep their options open to make changes and reduces lock-in. But is open cloud even feasible? ... Show More
48m 41s
Feb 2025
The Role of Cybersecurity
In this episode of Life of a CISO, Dr. Eric Cole dives deep into a critical question every cybersecurity professional must ask themselves: What is your real role? It’s easy to hide behind job titles like “CISO” or “cybersecurity professional,” but understanding the true essence o ... Show More
29m 58s
Feb 2025
PP049: CSMM – A Practical Model for Improving Your Cloud Security
The Cloud Security Maturity Model (CSMM) is a practical blueprint for improving the security of your public cloud deployments. Developed in partnership with the Cloud Security Alliance, IANS, and Securosis, the model covers 12 categories, such as network security and application ... Show More
42m 55s
Listen to millions of songs and podcasts on Anghami