SilverLining Episode 56: Researching Cloud giants security mechanisms

Guest: Vladi Sandler, Co-Founder & CEO, Gafnit Amiga, VP of Research, Lightspin Topic: Researching Cloud giants security mechanisms  Language: English   Abstract The leading cloud providers these days are storing growing parts of human knowledge and businesses , and therefore their services require to be top notch in security and most of the time, they actually provide very resilient security services. But every now and then, a talented security researcher finds vulnerabilities even on the most mature services - In this episode we spoke with Vladi Sandler & Gafnit Amiga from Lightspin regarding the AWS RDS vulnerability they recently discovered and what is the process of researching cloud provider vulnerabilities and how to do responsible disclosure.  As a bonus, we also discussed the open-source tools released by Lightspin and the way they can help organizations protect their cloud resources.   https://blog.lightspin.io/aws-rds-critical-security-vulnerability https://recon.cloud  -  Free CNAPP tool https://github.com/lightspin-tech/red-detector - EC2 vulnerability scanner  https://github.com/lightspin-tech/red-kube - K8S Adversary Emulation

Om Podcasten

The podcast for Security Architecture Hosted by Moshe Ferber and Ariel Munafo. The world of software development has changed rapidly in the last years due to various factors – Cloud Computing, Digital Transformation, CI/CD & DevOps – they all changed the way we build new applications. Young startups today got access to enterprise-grade infrastructure enabling them to produce scalable, robust applications faster and cheaper. But as companies innovate faster, security challenges arise. The security community has not mastered yet the full art of developing software fast, at scale, and secure and variety of companies still struggle to found the right foundation for their security posture. SilverLining podcast was created to help you do just that – find the right combination of people, processes, and technologies to build more secure and reliable services. We will focus on the latest development in infrastructure and software development and talk with people who mastered how to secure those. In each episode, we will host an expert for discussion on the security aspects of new technologies and provide insights, best practices, and knowledge in creating more secure software architecture.