Posts

It's the final episode of Head In The Cloud, but it's not the end of one of your favourite security podcasters! Listen up to hear what's in store for the podcast and why I'm shutting down Head In The Cloud. Some links: Purple Squad Security Purple Squad Security Slack Signup Bot Head In The Cloud was proud to be a part of the GonnaGeek Podcast Network! Thanks for listening, and have a great week!

http://myheadinthe.cloud/p…/goodnight-goodbye-and-good-luck/

It’s the final episode of Head In The Cloud, but it’s not the end of one of your favourite security podcasters! Listen up to hear what’s in store for the podcast and why I’…
myheadinthe.cloud

AWS, Breaches, Chihuahuas, and more with Corey Quinn

http://myheadinthe.cloud/…/aws-breaches-chihuahuas-and-mor…/

I speak with Corey Quinn about AWS and their recent news headlines related to various breaches amongst other things…
myheadinthe.cloud
Posts

Disaster recovery is an important part of any security plan you have for your organization. Disaster recovery in the cloud is equally important but is often overlooked. In this episode I take a look at different levels of disaster recover, how to apply them to the cloud and some ideas for defining your own disaster recovery plan. Some links: Compare Azure and AWS Service Offerings… [ 92 more words ]

http://myheadinthe.cloud/pod…/disaster-recover-in-the-cloud/

A brief look at disaster recovery and how it applies to the cloud.
myheadinthe.cloud

Scott Piper (@0xdabbad00) joins me to talk about flAWS, a website he created that is part capture the flag (CTF), red/blue team training, AWS security guide and honeypot! Lots of interesting topics of discussion in this episode you definitely don't want to miss! Some links: flAWS SummitRoute Downclimb Blog Article - Free Tools for Auditing The Security of an AWS Account… [ 62 more words ]

http://myheadinthe.cloud/…/uncovering-flaws-in-your-aws-cl…/

Scott Piper (@0xdabbad00) joins me to talk about flAWS, a website he created that is part capture the flag (CTF), red/blue team training, AWS security guide and honeypot!
myheadinthe.cloud

Just a friendly reminder, but Head In The Cloud has a new #slack community! Join us: https://join.slack.com/…/MjEwMjA4NTkzNzM0LTE0OTk0MzIzNTAtYm…

myheadinthecloud.slack.com

The big three! The "ah-s" or "as-s" if you will. I discuss what IaaS, PaaS, and SaaS are, what they stand for and what security related concerns you should have regarding each one. Some links: CIS Hardening Benchmarks Slack Signup Link Proud to be part of the GonnaGeek Podcast Network! Want to get in touch? Feel free to reach out!

http://myheadinthe.cloud/podcast/iaas-paas-and-saas-oh-my/

Looking at the different *aaS solutions, what they are and what the security concerns around them are.
myheadinthe.cloud

Jumping on the Slack bandwagon, Head In The Cloud now has a Slack presence! Come join me on Slack:

https://join.slack.com/…/MjEwMjA4NTkzNzM0LTE0OTk0MzIzNTAtYm…

myheadinthecloud.slack.com

This fills me with no end of joy. Thank you Girl Scouts for your progressive stance!

http://www.reuters.com/arti…/us-usa-girlscouts-idUSKBN19C29G

Cookie sales may take a back seat to fighting identity theft and other computer crime now that Girl Scouts as young as 5 are to be offered the chance to earn their first-ever cyber security badges.
reuters.com

Today's episode is all about Malware - what can we do to protect ourselves, what are some best practices we can follow, etc. I'm a firm believer that Malware is something we can help curtail if we all do our part in protecting ourselves. The fewer systems there are to infect, the less common it will be. Some links: SANS Incident Handling for Small and Medium Businesses Whitepaper… [ 44 more words ]

http://myheadinthe.cloud/p…/malware-what-can-we-do-about-it/

I talk about Malware and some protections we can take in preventing its spread.
myheadinthe.cloud

I speak with Archie Agarwal from ThreatModeler about DevOps, DevSecOps and Rugged DevOps before diving into some other general security topics and how they work with the cloud.

http://myheadinthe.cloud/…/devsecops-and-rugged-devops-wit…/

I speak with Anurag “Archie” Agarwal from ThreadModeler about DevSecOps, Rugged DevOps, their differences and a bit about threat modeling.
myheadinthe.cloud

"Want to pentest Azure or Azure services? Go ahead says Microsoft" by Nic Cancellari on Peerlyst

https://www.peerlyst.com/…/want-to-pentest-azure-or-azure-s…

peerlyst.com

Happy to announce that Head In The Cloud is now a part of the GonnaGeek #podcast network! Thanks for having us guys!

In this episode, I take a look at the different colours that often come up in security discussions, such as black, white, red, blue, gray, and purple! Looking at each one in turn as well as figuring out what they mean is the purpose of this episode. And people thought InfoSec was boring... Happy to be part of the GonnaGeek… [ 40 more words ]

http://myheadinthe.cloud/…/the-different-colours-of-securi…/

In this episode, I take a look at the different colours that often come up in security discussions, such as black, white, red, blue, gray, and purple! Looking at each one in turn as well as figuri…
myheadinthe.cloud

Separation of duties will only take you so far, even in the cloud. You will always have the potential for a bad actor, and internal threats are the most dangerous.

https://nakedsecurity.sophos.com/…/when-sysadmins-attack-h…/

Nothing can stand in the way of malice and incompetence
nakedsecurity.sophos.com

In this week's podcast I take a look at Intrusion Detection Systems (IDSs), what they are, what they do, how they work and how they fit into a cloud security model. I went a bit long on this one but I think it's necessary given the breadth of this topic. Some useful links from this podcast: Snort Bro Suricata OSSEC… [ 54 more words ]

http://myheadinthe.cloud/podcast/lets-talk-about-idss/

Taking a look at IDSs, what they are, how they work and how they relate to cloud security.
myheadinthe.cloud

These are some great tips whether you are a traditional vendor or one who has migrated to the #cloud.

https://www.darkreading.com/…/securely-manag…/a/d-id/1329040

Don't let the process spiral into organizational chaos. Here are steps you can take to keep your company safe.
darkreading.com

In this week's podcast I welcome Ishay Tentser to discuss data residency, privacy and law. This is an important topic that can get overlooked as you focus on security, but with a global economy, it's important to keep it at the forefront. Ishay is the CEO of IniTech-Digital Products & Innovation and was kind enough to join me from Jerusalem, Israel to discuss this important topic. [ 61 more words ]

http://myheadinthe.cloud/…/data-residency-and-privacy-with…/

I speak with Ishay Tentser, CEO of IniTech-Digital Products & Innovation, about Data Residency and Privacy.
myheadinthe.cloud