Ep 24 | 1.30.22

Zero Trust for cloud assets: Identity authentication and authorization.

Show Notes

Applying Zero Trust principles to access rights can be tricky given the volume and dynamic nature of services in the cloud. Serverless computer services, like AWS Lambda, multiply the volume of identities to manage. These cloud services often have excessive permissions to access sensitive data and can become a potential entry point for an attacker to exploit.

The CyberWire's Rick Howard speaks with Scott Farber, Principal Cyber Architect & Zero Trust Technical Lead at MITRE about the topic. Show Sponsor Sysdig's Vice President of Security Product Management, Maor Goldberg, brings experience with data center and cloud to a discussion with CyberWire-X on the considerations for managing access rights in this hybrid world. They consider the pros and cons of different approaches to enforcing least privilege in the cloud.

CyberWire-X

Podcast Info

Sponsored by Sysdig

Sysdig is driving the secure DevOps movement, empowering organizations to confidently secure containers, Kubernetes, and cloud. With Sysdig, teams secure the build, detect and respond to threats, continuously validate cloud configurations and compliance, and monitor performance. Sysdig is a SaaS platform, built on an open source stack that includes Falco and sysdig OSS, the open standards for runtime threat detection and response. Hundreds of companies rely on Sysdig for container and cloud security and visibility. Learn more.