We look for the balance between developers' security responsibility and the security team. Maya Kaczorowski from Google, Shannon Lietz from Intuit and Larry Maccherone from Comcast help weigh the options.
Cloud ushers in new security challenges, while alleviating others. My guests Stu Solomon CTO at Optiv and Allan Liska senior analyst at Recorded Future apply the NIST Cybersecurity Framework to draw out key elements of consideration for your security in the cloud.
If you're using Amazon AWS, Microsoft Azure, Google Cloud Platform or myriad other IaaS, PaaS and SaaS offerings, we hope you'll find this episode of value.
GDPR is having an impact on organizations in Canada and the US already. New rights for the protection of personal data each create actions that need to be taken to be compliant if an organizations is in anyway collecting, processing or otherwise data from EU subjects. This Cyverity report explains what key rights and actions look like. Moreover it explores the potential for GDPR strength legislation to come to Canada or the United States.
Containers like Docker offer new automation awesomeness, portability and predictability. But traditional security tools and ops are only the start of reducing your risks. John Morello from Twistlock, Alfredo Hickman from Rackspace and Kellman Meghu from Sycomp pull the container stack apart to reveal security gaps.
Please read NIST Application Container Security Guide co-authored by John Morello
And read Container Intrusions: Assessing the Efficacy of Intrusion Detection and Analysis Methods for Linux by Alfredo Hickman