Pyramid of Pain, PEAK, and Bagpipes with David Bianco
🎙️ New ep: David Bianco from Splunk with 🔥 insights from a lifetime of threat hunting.Eden Koby Naftali & Amitai Cohen sat down with David Bianco, creator of some of the most influential models in cyber detection.What they got into ⬇️1) How a threat intel milestone led to the Pyramid of Pain2) Why detection isn't just about indicators3) What good threat hunting teams actually do#CryingOutCloud #CyberSecurity #ThreatHunting #PyramidOfPain #DavidBianco #Splunk #Infosec #CloudSecurity #DetectionEngineering #BlueTeam #SecurityPodcast #SOC #ThreatIntel #IncidentResponse
--------
27:29
--------
27:29
AI-powered Security, Shared Fate, and an Archery Lesson with Dr. Anton Chuvakin
🎙️ Just dropped: Dr. Anton Chuvakin from Google Cloud, with legendary insights (and cloud security jokes).Eden Koby Naftali & Amitai Cohen sat down with Dr. Anton Chuvakin, Google Cloud's Office of the CISO, and the guy who made SIEM cool!What they got into ⬇️1) Why SOCs are broken (and full of toil)2) How to actually apply AI in security3) Why cloud appliances are still a problem4) What shared responsibility really means
--------
25:39
--------
25:39
UK Retail Breaches, SAP 0day, and CVE Troubles
🎙️ All you need to know from Ransomware to CVE Programs!☁️ Join Amitai Cohen and Eden Naftali as they break down the top stories in the cloud:- UK Retail Sector Hit by Ransomware (DragonForce & Scattered Spider)- SAP NetWeaver Vulnerability Exploited in the Wild- CVE Program Faces Major Backlog and Trust Issues
--------
29:05
--------
29:05
Bug Bounty Secrets, Hacker Communities, and a Hit of Volleyball with Justin Gardner
🎙️ Listen to the biggest insights of bug bounty hunting with Justin Gardner 🚨In this episode, Amitai Cohen and Eden Naftali are joined by none other than Justin, renowned bug bounty hunter and host of the Creative Thinking podcast (ctbbpodcast).Justin unpacks some of today's 🔥 topics:- Bug bounty disclosure challenges & trends- Security stories from tech giants: lessons we can all learn- Messaging platform exploits & SSRF risks- Breaking into popular monitoring tools — HTTP pitfalls & key takeaways
--------
40:24
--------
40:24
Quadruple Supply Chain Attack, IngressNightmare Exploited, and Rumors Abound
🎙️ All you need to know on the latest discoveries and updates ft. Rami McCarthy 🚨In this episode of Crying Out Cloud, @Amitai Cohen & @Eden Koby Naftali are joined by Rami — a Principal Security Researcher here at Wiz.Rami adds some energy and expertise to the table as we dive into a variety of topics:• GitHub Action supply chain attack • IngressNightmare updates. A follow-up to our last episode on this critical vulnerability.• Alleged Oracle breaches: Breaking down the latest rumors and insights.
Welcome to "Crying Out Cloud," the monthly podcast that keeps you up to date with the latest cloud security news. Hosted by experts Eden Naftali and Amitai Cohen, each episode provides in-depth coverage of the most important vulnerabilities and incidents from the previous month. Tune in for insightful analysis and expert recommendations to help you safeguard your cloud infrastructure.
South Africa