Episode 33 of the podcast covers defending a cloud-based enterprise with a remote workforce.
Q1 (01:44) What are the threats that worry you the most? Are you more worried about developer misconfigurations and inadvertent leaks more than an endpoint being compromised?Q2 (04:29) What are the controls you put in place that are the most cost-effective? So much is talked about defending a remote workforce; what strategies have you put in place?
Q3 (13:10) Is logging at scale or even network segmentation even rational for small to mid-sized companies especially ones that are in the cloud? If so, what does that look like in implementation ?
Q4 (15:25) What are some custom ways you use threat intelligence to alert for developer mishaps in open-source repositories?
Q5 (17:20) In large enterprise you have TH, SOC, AppSec, Red Team, CTI, VM, TPRM, IAM, etc. Can a lot of this be condensed for a company that is cloud-based and operate more efficiently at scale?
