SE-Radio Episode 314: Scott Piper on Cloud Security
Founder of Summit Route and creator of FLAWS, Scott Piper talks with Kim Carter about Cloud Security. This podcasts covers the often misunderstood Shared Responsibility Model. Kim and Scott discuss how our assets have changed and what the risks and countermeasures are with the exodus to the cloud. A selection of techniques are discussed on how we can evaluate the security stature of the different CSPs, along with tips for those evaluating whether to leverage in-house clouds or external cloud services. Kim and Scott discuss the pros and cons of cloud vs in-house cloud and how to leverage CSPs' security expertise. Scott walks us through his FLAWS CTF engine, which helps engineers understand the risks and how to apply mitigations to their AWS configuration. Coverage of tools such as Security Monkey and StreamAlert is also provided, to help cloud customers quickly discover their own misconfigurations.