Oct 31, 2022
Guest:
- Dr Anna Belak, Director of Thought Leadership at Sysdig, former Gartner analyst
Questions:
- Analysts (and vendors) coined a log of “C-something acronyms” for cloud security, and two of the people on this episode were directly involved in some of them. What do you make of all the cloud security acronym proliferation?
- What is CSPM? What gets better when you deploy it?
- What is CWPP? Does anything get better when you deploy it?
- What is CNAPP? What gets better when you deploy it?
- What is CIEM, Anton’s least fave acronym?
- Now, what about CDR?
Resources:
- Gartner acronym glossary
- “Container Security: The Past or The Future?” (ep54, with Anna as well)
- “Automate and/or Die?” (ep3)
- “Impersonating Service Accounts in GCP and Beyond: Cloud Security Is About IAM?” (ep60)
- “Powering Secure SaaS … But Not with CASB? Cloud Detection and Response?” (ep76)
- “Does the World Need Cloud Detection and Response (CDR)?”
- “Announcing Virtual Machine Threat Detection now generally available to Cloud customers”
- Sysdig Threat Report Blog
- 2022 Sysdig Cloud-Native Threat Report
- Anatomy of Cloud Attacks