Welcome to the SilverLiningsPod, Sharing journeys of life whether my own or my incredible guests! Welcome to the family
…
continue reading
🐒長得正常正常,但感覺軀殼裏有一個女瘋子、一個男生、一隻猴子跟一個阿嬤。 🐒經歷:15歲開始賺錢,打工經驗豐富,看盡人間冷暖,市儈百態並且見怪不怪。 🐒碩士學位剛結束,被教授弄的部分可以叫我聲大前輩😂。換教授比換男友兇啊。 🐒專長:舞蹈、演戲、馬拉松、模仿、切換聲線 Powered by Firstory Hosting
…
continue reading
The podcast for Security Architecture Hosted by Moshe Ferber and Ariel Munafo. The world of software development has changed rapidly in the last years due to various factors – Cloud Computing, Digital Transformation, CI/CD & DevOps – they all changed the way we build new applications. Young startups today got access to enterprise-grade infrastructure enabling them to produce scalable, robust applications faster and cheaper. But as companies innovate faster, security challenges arise. The sec ...
…
continue reading
1
SilverLining Episode 59: Understanding the six pillars of DevSecops
32:40
32:40
Afspil senere
Afspil senere
Lister
Like
Liked
32:40
Guest: Sam Sehgal, Co-Chair for the CSA DevSecOps working group and program Lead - DevSecOps Strategy and Architecture, Dell Language: English Abstract DevSecOps, the integration of security practices into the DevOps methodology, has become a prominent topic in the field of information security in recent years. This approach emphasizes the collabor…
…
continue reading
1
SilverLining Episode 58: Quantum computing security challenges - CSA QSS working group
31:33
31:33
Afspil senere
Afspil senere
Lister
Like
Liked
31:33
Guest: Ludovic Perret, Associate Professor at Sorbonne University & Co-founder of CryptoNext Security and Bruno Huttner , Director of Quantum Strategic Initiatives at ID Quantique Language: English Abstract The Quantum-safe security working group is a Cloud Security Alliance research wg that was created to promote awareness and education on the cha…
…
continue reading
1
SilverLining Episode 57: How CISO’s should utilize cyber security startups
27:38
27:38
Afspil senere
Afspil senere
Lister
Like
Liked
27:38
Guest: Shahar Geiger Maor Guest Title: CISO at DarioHealth Language: English Abstract Many of the CISOs are often approached by early stage startups asking to be given a chance. Is it worth it? isn't it too risky? Working with security start-ups can assist the CISO’s to accomplish their goals with many benefits, as long as risks are mitigated. In t…
…
continue reading
1
SilverLining Episode 56: Researching Cloud giants security mechanisms
23:28
23:28
Afspil senere
Afspil senere
Lister
Like
Liked
23:28
Guest: Vladi Sandler, Co-Founder & CEO, Gafnit Amiga, VP of Research, Lightspin Topic: Researching Cloud giants security mechanisms Language: English Abstract The leading cloud providers these days are storing growing parts of human knowledge and businesses , and therefore their services require to be top notch in security and most of the time, the…
…
continue reading
1
SilverLining Episode 55: Analyzing SaaS Applications Threats
22:12
22:12
Afspil senere
Afspil senere
Lister
Like
Liked
22:12
Guest: Boris Gorin Guest Title: CEO & Co-Founder at Canonic Topic: Analyzing SaaS Applications Threats Language: English Abstract The 2022 history of security incidents proved that SaaS services present major security challenges for organizations. As SaaS adoption grows - more attack vectors are being discovered. In this episode we spoke with Boris…
…
continue reading
1
SilverLining Episode 54: Threats on CI/CD pipeline
31:04
31:04
Afspil senere
Afspil senere
Lister
Like
Liked
31:04
Guest: Guy Flechter Guest Title: CEO & Co-Founder at Cider Security Topic: Threats on CI/CD pipeline Language: English Abstract The main attraction point in cloud for most organizations is the ability to produce scalable and resilient applications - faster. One of the main foundations for that is the ability to create CI/CD pipelines that will auto…
…
continue reading
1
SilverLining Episode 53: Automating Infrastructure Pipelines
30:56
30:56
Afspil senere
Afspil senere
Lister
Like
Liked
30:56
Guest: Rob Hirschfeld Guest Title: CEO & Co-Founder at RackN Topic: Automating Infrastructure Pipelines Language: English Abstract In modern applications, Infrastructure automation is an important piece in the puzzle. Manual infrastructure management and security tasks in the volume required for modern application will probably lead to mistakes, mi…
…
continue reading
1
SilverLining Episode 52: Securing K8’s Deployments
32:36
32:36
Afspil senere
Afspil senere
Lister
Like
Liked
32:36
Guest: Leonid Sandler Guest title: CTO, Armosec Topic: Securing K8’s Deployments Language: English Abstract As K8’s adoption grows and matures, we sat down with Leonid Sandler, CTO and Co-Founder of ARMO, to talk about K8’s security - starting from the shared responsibility model, going through the initial configuration and deployment, and all the …
…
continue reading
1
SilverLining Episode 51: Understanding 5G Networks
33:12
33:12
Afspil senere
Afspil senere
Lister
Like
Liked
33:12
Guest: Niv David Guest title: Customer Cyber Security Director, Ericsson North America; Fellow & Lecturer, Yuval Ne'eman Workshop for Science, Technology and Security, Tel-Aviv University Language: English Abstract The 5th generation of cellular networks is not just an upgrade of previous generations such as LTE. 5G is changing the cellular network…
…
continue reading
1
SilverLining Episode 50: Building security workflow at scale
24:30
24:30
Afspil senere
Afspil senere
Lister
Like
Liked
24:30
Guest: Ravid Circus Guest title: Co-Founder, Seemplicity Language: English Abstract As organizations develop more software, and in faster cycles, greater responsibility is laid on security teams who have a full-stack responsibility for infrastructure, applications, IT services and many other aspects in the business. In this episode we spoke with Ra…
…
continue reading
1
SilverLining Episode 49: Security for Fintech Companies
37:28
37:28
Afspil senere
Afspil senere
Lister
Like
Liked
37:28
Guest: Alex Gestin Guest title: CISO, Riseup Language: English Abstract The growing number of fintech companies represent a shift in the market from traditional banking & financing to new models and tools that are empowered by technology. But fintech companies face security challenges - they need to provide customers and financial partners with ass…
…
continue reading
1
SilverLining Episode 48: Deep dive into Confidential computing
37:12
37:12
Afspil senere
Afspil senere
Lister
Like
Liked
37:12
Guest: Yan Michalevsky Guest title: Co-Founder and CTO at Anjuna Language: English Abstract Confidential computing is one of the more interesting technologies that is developed today. The combination of using secure hardware features, advanced cryptography with tight virtualization integration enables us to protect data at untrusted environments an…
…
continue reading
1
SilverLining Episode 47: Understanding Service Mesh Technologies
30:24
30:24
Afspil senere
Afspil senere
Lister
Like
Liked
30:24
Guest: Oren Penso Guest title: Senior Product Line Manager, VMware Language: English Abstract As k8’s adoption grows and flourish, organizations are starting to ask themselves how they should manage the complex network settings inside K8’s. Services mesh is a technology that adds a layer of networking & security capabilities on top of traditional K…
…
continue reading
1
SilverLining Episode 46: Securing Small & Medium businesses
27:40
27:40
Afspil senere
Afspil senere
Lister
Like
Liked
27:40
Guest: Alex Peleg Guest title: Co-founder and CVO at Cynergy Language: English Abstract Small and medium businesses are currently the most vulnerable sector in the market. They don’t have the knowledge and awareness to secure their own operations, and security vendors and IT services companies often neglect this sector. In this episode we spoke wit…
…
continue reading
1
SilverLining Episode 45: Incident response at scale
42:16
42:16
Afspil senere
Afspil senere
Lister
Like
Liked
42:16
Guest: Omri Segev Moyal Guest title: Co-Founder and CEO at Profero Language: English Abstract Incident response and forensics of cloud breaches is one of the most challenging topics in Information security. In this episode, (recording date Aug 2021) Omri Segev Moyal, co-founder & CEO at Profero, shares fascinating stories regarding recent incidents…
…
continue reading
1
SilverLining Episode 44: Gaining cloud security knowledge & certification - Part 2
25:51
25:51
Afspil senere
Afspil senere
Lister
Like
Liked
25:51
Guest: David W. Schropfer Guest Title: Host of DIY Cyber Guy Podcast Abstract: Many IT & security professionals are asking what Is the best way to enter the world of cloud computing. In this episode we continue our conversation with David W. Schropfer from DIY cyber guy about the cloud computing career paths…
…
continue reading
1
SilverLining Episode 43: Gaining cloud security knowledge & certification
25:04
25:04
Afspil senere
Afspil senere
Lister
Like
Liked
25:04
Guest: David W. Schropfer Guest Title: Host of DIY Cyber Guy Podcast Abstract: Many IT & security professionals are asking what Is the best way to enter the world of cloud computing. In this episode we had the privilege of cooperating with David W. Schropfer from the successful podcast DIY cyber guy to discuss the career paths that are relevant for…
…
continue reading
1
SilverLining Episode 42: How to mature devsecops operations
19:48
19:48
Afspil senere
Afspil senere
Lister
Like
Liked
19:48
Guest: Hemi Gur-Ary Guest Title: Co-Founder & CEO at VATA Abstract: Various organizations around the world are struggling to build & mature their devsecops operations. DSOM (Devsecops Maturity Model) is an OWASP project designed to help organizations plan and prioritize their devsecops strategies. In this episode, Hemi Gur-Ary, co-founder at VATA a…
…
continue reading
1
SilverLining Episode 41: Securing ci/cd pipeline using policy as code
40:02
40:02
Afspil senere
Afspil senere
Lister
Like
Liked
40:02
Guest: Eran Leib (vp product), Maor Goldberg (CEO) Guest Title: Founders at Apolicy (a sysdig company) Abstract: Infrastructure and policy as code is one of the hottest topics in security today. In this episode we spoke with Eran & Maor, founders at aPolicy (acquired by Sysdig shortly after the recording) , about cloud native security and how organ…
…
continue reading
1
SilverLining Episode 40: Protecting SaaS services using automation & continuous monitoring
22:55
22:55
Afspil senere
Afspil senere
Lister
Like
Liked
22:55
Guest: Adam Gavish Guest Title: Co-Founder and CEO, DoControl.io Topic: Protecting SaaS services using automation & continuous monitoring Abstract: SaaS services are blooming and organizations are adopting more and more of them. In this episode, we hosted Adam Gavish, co-founder, and CEO at DoControl - an innovative startup that is reshaping the wa…
…
continue reading
1
SilverLining Episode 39: Securing API Services
29:08
29:08
Afspil senere
Afspil senere
Lister
Like
Liked
29:08
Attendees Guest: Oz Avenstein Guest Title: Founder & CEO @ Avensec - Cloud & Application Security Topic: Securing API Services Abstract The applicative infrastructure is becoming more and more complex due to different requirements, design patterns, and technologies. In many of these cases, one of those requirements is to connect other parties to sy…
…
continue reading
1
SilverLining Episode 38: Cloud Native Security Foundations
32:43
32:43
Afspil senere
Afspil senere
Lister
Like
Liked
32:43
Attendees Guest: Gadi Naor Guest Title: VP Software Engineering, Cloud Security @ Rapid7 Topic: Cloud Native Security Foundations Abstract Lately, The CNCF (Cloud Native Computing Foundation) released the cloud native security whitepaper: the first release of security guidelines for organizations who adopt cloud native approaches. In order to bette…
…
continue reading
1
SilverLining Episode 37: Software Package Dependencies Attacks
27:16
27:16
Afspil senere
Afspil senere
Lister
Like
Liked
27:16
Attendees Guest: Tzachi Zornstain Guest Title: Co-Founder & CEO, Dustico Topic: Software Package Dependencies Attacks Abstract Supply chain and software dependencies attacks are becoming more popular, and organizations are having a hard time coping with those types of vectors. In this episode, we spoke with Tzach Zornstain, Co-Founder at Dustico, a…
…
continue reading
Attendees Guest: Yinon Costica Guest title: VP Product Abstract Wiz is the new star in the cloud security market, founded by veterans with a proven record and raised over $100M in less than a year of operations. In this episode, we talked with Yinon Costica, Co-Founder and VP Product at Wiz, about cloud security challenges, how is Wiz different fro…
…
continue reading
1
Episode 35: Compliance Automation and Zero Trust Containers
33:05
33:05
Afspil senere
Afspil senere
Lister
Like
Liked
33:05
Sponsored By: Attendees Guest: Malgorzata (Gosia) Steinder Guest title: CTO of Hybrid Cloud Research. IBM research Topic: Compliance automation and zero trust containers Abstract Continuous monitoring, containers, zero trust, confidential computing - those are all examples of technologies that will be the main focus in the upcoming years. In thi…
…
continue reading
Attendees Guest: Assaf Keren Guest Title: VP, Enterprise Cyber Security Company: PayPal Abstract PayPal is one of the most interesting organizations in the world in terms of security. The combination of online presence with the unique line of business is making PayPal one of the most secure hi-tech companies and one of the most innovative financial…
…
continue reading
1
Episode 33: Researching Cloud Vulnerabilities
31:24
31:24
Afspil senere
Afspil senere
Lister
Like
Liked
31:24
Attendees Guest: Asaf Hecht Guest Title: Security research team leader Company: CyberArk Abstract With the growth of cloud services, more knowledge is gathered on vulnerabilities and misconfigurations in cloud infrastructure. A great deal of this knowledge is coming from cloud security researchers. In this episode, we host Asaf Hecht, Security rese…
…
continue reading
1
Episode 32: Understanding Infrastructure as Code and How to Use it Effectively
31:39
31:39
Afspil senere
Afspil senere
Lister
Like
Liked
31:39
Attendees Guest: Ohad Maislish Guest Title: Co-Founder & CEO Company: env0 Abstract Infrastructure as code is one of the most interesting technologies in the market. It enables organizations to deploy heavy workloads within seconds and avoid risky configuration mistakes. In this episode, we talked with Ohad Maislish, Co-Founder and CEO at env0, abo…
…
continue reading
1
Episode 31: Understanding Cloud Native Security Basics
32:14
32:14
Afspil senere
Afspil senere
Lister
Like
Liked
32:14
Attendees Guest: Benjy Portnoy Guest Title: Sr. Director, Solution Architects Company: Aqua Security Abstract A cloud-native security strategy entails protecting the infrastructure, build, and running workloads. In this episode, we spoke with Benjy Portnoy, Sr Director of Solution Architects at Aqua Security regarding cloud-native security fundamen…
…
continue reading
1
Episode 30: The challenges of CISO in a security company
29:55
29:55
Afspil senere
Afspil senere
Lister
Like
Liked
29:55
Attendees Guest: Eitan Satmary Guest Title: CISO Company: Tufin Abstract Being a CISO is challenging, being a CISO at a security vendor is even more challenging. In this episode we host Eitan Satmary, CISO for Tufin, to talk about the good and bad of being a CISO in a cyber security vendor. We will talk about CISO's ability to influence innovation …
…
continue reading
1
Episode 29: Cloud Identity Governance - understanding challenges
36:09
36:09
Afspil senere
Afspil senere
Lister
Like
Liked
36:09
Sponsored By: Attendees Guest: Arick Goomanovsky Guest title: Co-Founder & Chief Business Officer Company: Ermetic Abstract In cloud platforms, identity and permissions are the most important control that customers get to implement. Network segmentation and other traditional controls are often ineffective and access to resources is determined by a …
…
continue reading
1
Episode 28: Analyzing Cloud Attack Vectors - SaaS Marketplaces and Office 365 BEC
29:02
29:02
Afspil senere
Afspil senere
Lister
Like
Liked
29:02
Attendees Guest: Ofer Maor Guest title: Co-Founder & CTO Company: Mitiga Abstract The recent increase of cloud based attacks gives us an opportunity to examine new attack vectors and how attackers exploit new services. In this episode we talked with Ofer Maor, Co-Founder at Mitiga, about new attack vectors in cloud computing and how attackers explo…
…
continue reading
1
Silverlinings Pod EP 6: Working through emotions VS bottling things up?
15:44
15:44
Afspil senere
Afspil senere
Lister
Like
Liked
15:44
The age old debate of just wiping off the scrapes or actually facing your struggles. I use my experience in sales and with my mental health to discuss this topic. With the help from my audiences thoughts and opinions
…
continue reading
1
Episode 27: Protecting Your Cloud Data With Legal Controls
40:46
40:46
Afspil senere
Afspil senere
Lister
Like
Liked
40:46
Attendees Guest: Dalit Ben Israel Guest title: Partner, head of IT & Data protection practice Company: Naschitz Brandes Amir In the cloud era, the information security officer's new best friends are the lawyers in the legal department. Legal matters such as cross border data transfers, contractual controls and privacy laws becoming critical in clou…
…
continue reading
1
Silverlinings Pod Episode 5: How do you start after falling so many times?
9:38
9:38
Afspil senere
Afspil senere
Lister
Like
Liked
9:38
We've all been there, picking up the pieces of our life. Not knowing where to go next or even if you have the strength to do it! At this point we always ask ourselves one thing. How do we start? I cover this in this episode so tune in and let me know your thoughts on social @stirlingbenn on instagram…
…
continue reading
1
Episode 26: Current Challenges With Cloud
49:26
49:26
Afspil senere
Afspil senere
Lister
Like
Liked
49:26
This is a special episode where both of us (Moshe & Ariel – no guests this time) discuss the future of cloud computing and challenges that should be solved. We take a detailed look at shortage in manpower and knowledge, privacy laws and their influence on innovation and technology challenges such as multi tenancy, APi’s, encryption, continuous moni…
…
continue reading
1
Episode 25: From Excessive Permissions To Least Privileges - Automating Your IAM Roles
35:08
35:08
Afspil senere
Afspil senere
Lister
Like
Liked
35:08
Attendees Guest: Shira Shamban Guest title: CEO & Co-Founder Company: Solvo Abstract In modern cloud environments, Identity and Access Management controls are crucial controls. Many of the access decisions are now made not based on networking structure but rather on roles and permissions. In this episode we talk (again) with Shira Shamban, founder …
…
continue reading
1
Episode 24: Putting The Sec Into DevOps
37:14
37:14
Afspil senere
Afspil senere
Lister
Like
Liked
37:14
Attendees Guest: Dima Revelis Guest title: Senior Devops engineer Company: MoonActive Abstract DevsecOps is accelerating fast as the new buzzword for modern information security practices. In this episode we use the expertise of Dima Revelis in order to dive deep into understanding DevOps practices, what is CI/ CD pipeline and which security tools …
…
continue reading
1
Episode 23: Understanding Microsoft Cloud Security Pillars
47:42
47:42
Afspil senere
Afspil senere
Lister
Like
Liked
47:42
Attendees Guest: Yoad Dvir Guest title: Security Lead, Central and Eastern Europe Company: Microsoft Abstract Microsoft security portfolio has been growing and diversifying in the last couple of years, adding more capabilities at various areas of information security. In order to better understand Microsoft strategy and offering, we talked with Yoa…
…
continue reading
1
Episode 22: How To Do Add Open Source Code To Your Applications, Securely
32:39
32:39
Afspil senere
Afspil senere
Lister
Like
Liked
32:39
Attendees Guest: Liran Tal Guest title: Developer Advocate Company: Synk Abstract Open source software takes a big part in our daily lives, and also in our development environments. Many applications developers rely on open source libraries & tools and integrating it into their code. This is a great improvement for developers allowing them to innov…
…
continue reading
1
Episode 21: Building The Next Generation Of Cloud Services
26:59
26:59
Afspil senere
Afspil senere
Lister
Like
Liked
26:59
Attendees Guest: Eran Feigenbaum Guest title: CSO, Oracle Cloud Abstract The first generation of cloud services began about 15 years ago and stretched until now, but it came with many built-in challenges due to lack of maturity and the fact that security was added on top and not present from the start. In this episode we talk with Eran Feigenbaum, …
…
continue reading
1
Episode 20: The Dark Side Of Privacy
52:42
52:42
Afspil senere
Afspil senere
Lister
Like
Liked
52:42
Attendees Guest: Menny Barzilay Guest title: Partner @ Herzog Strategic, CTO, ICRC, Tel Aviv University Abstract For our 20’ish episode we spoke with a very special guest, the one and only - Menny Barzilay. Menny is one of the most interesting speakers in the cyber landscape, he is an expert in simplifying complex concepts, integrating interesting …
…
continue reading
1
Episode 19: Understanding Cloud Attack Vectors
40:22
40:22
Afspil senere
Afspil senere
Lister
Like
Liked
40:22
Attendees Guest: Or Kamara Guest Title: Senior team lead Company: Synk Abstract Cloud computing can bring interesting and new attack vectors. In this episode, we talk with Or Kamara, Senior team lead at Synk, about the Capital-one hacking and what can be learned from the event in order to better protect our networks. We will analyze the attack step…
…
continue reading
1
Episode 18: Testing Cloud Application
38:08
38:08
Afspil senere
Afspil senere
Lister
Like
Liked
38:08
Attendees Guest: Bar Hofesh Guest Title: Co-Founder Company: Neurolegion Abstract Application security is among the hardest things to get right. In this episode we are talking with Bar Hofesh from Neurolegion about the world of automated security testing - what are the challenges, what are the different stages of integration and delivery and how to…
…
continue reading
1
Episode 17: How to do penetration testing in cloud application
37:03
37:03
Afspil senere
Afspil senere
Lister
Like
Liked
37:03
Attendees Guest: Oz Avenstein Guest Title: Founder Company: Avensec Abstract Penetration tests are one of the strongest controls that we use. It is testing the overall resilience of our application and allows us to be more confident in our workloads. But in the cloud era, cloud applications pen testing needs to be coordinated with the providers. In…
…
continue reading
1
Episode 16: Merging Cloud Based Startup Into Financial Giants
56:21
56:21
Afspil senere
Afspil senere
Lister
Like
Liked
56:21
Attendees Guest: Ori Troyna Guest title: Global head of product security at Payu Company: Payu Abstract Payu, a global fintech gaint acquired Zooz , a small payment startup. In this episode we talk with Ori Troyna, Global head of product security at Payu about the challenges that such a merger between two very different companies with different eng…
…
continue reading
1
Episode 15: Challenges Of Selecting SaaS Providers
38:46
38:46
Afspil senere
Afspil senere
Lister
Like
Liked
38:46
Attendees Guest: Tal Arad Guest title: Former CISO Company: CEVA logistics Abstract Consuming SaaS from various vendors can be a challenging task, the first challenge is to distinguish who are the mature providers that you can trust your data with, and the second challenge is auditing them and their services. In this episode we talk with Tal Arad, …
…
continue reading
1
Episode 14: DevOps Secret Management
30:45
30:45
Afspil senere
Afspil senere
Lister
Like
Liked
30:45
Attendees Guest: Oded Hareven Guest title: Founder & CEO Company: A-Key-Less Abstract Application Secret management is becoming one of the biggest challenges for application security. With cloud, CI/CD and micro services architecture we discover that we are using a growing number of encryption keys, API keys, SSH keys tokens and connection strings.…
…
continue reading
1
Episode 13: Creating Trust & Awareness
31:56
31:56
Afspil senere
Afspil senere
Lister
Like
Liked
31:56
Attendees Guest: Vladi Sandler Guest title: Cloud Security team leader Company: cymotive.com Abstract Gaining trust and developing awareness with customers is one of the hardest challenges for providers. It is almost an art. In this episode we talk with Vladi Sandler from Cymotive about creating healthy relationships with customers and how a mixtur…
…
continue reading
1
Episode 12: Diving Into Authorization And Policy Bases Access Controls
35:29
35:29
Afspil senere
Afspil senere
Lister
Like
Liked
35:29
Attendees Guest: Tsachi Lutaty Guest title: R&D manager Company: PlainID Abstract In the past years we have reached important progress in authentication. Multi factor authentication and Identity Federation solved many of the identity authentication challenges. So it is now time to focus on the second aspect of Identity & Access Management - the asp…
…
continue reading