What We Discuss with Kinnaird McQuade:
- 00:00 Introduction
- 03:33 Kinnaird’s Professional Background
- 04:44 What are Guardrails in AWS?*
- 06:51 Do we only rely on CSP Provided GuardRails or Customer Provided Guardrails?*
- 07:43 Can we rely on AWS provided GuardRails?
- 09:09 Is AWS Guardrail free?*
- 09:55 Example of AWS Guardrail services?*
- 10:42 Difference between Preventative and Detective Security Controls?*
- 12:02 Is Preventative or Detective more practical?
- 13:14 Where to start when building AWS Security Guardrails?
- 15:51 How to scale AWS Security Guardrails?
- 18:21 Is there a need for CI/CD Pipeline for scale?*
- 20:04 What is removing classes of bugs?*
- 22:46 Interesting ways people use cloud?*
- 25:05 Building blocks of AWS Security Program?*
- 27:40 IaC in a Serverless Company?
- 28:51 Separate Infra and App pipeline or one pipeline for both?*
- 30:35 Scaling security in AWS beyond Guardrails?*
- 32:10 Are security controls same as security guardrails?
- 33:07 Can we achieve Guardrails only from OpenSource only?*
- 35:53 Skillset to execute an AWS Security Program?
- 37:07 AWS Certs will not get you a job?*
- 40:44 When to move from Detective to Preventative controls?
- 42:44 Learning how to scale AWS Secuirty Controls?
- 44:48 Next stage of Cloud Security Tooling?*
- 46:36 Observability in Cloud Security?
- 48:13 Keeping up with New services coming on AWS almost every month?
- 49:54 Auto-drawing tool recommendation for AWS?
- 54:26 Terraform graph for AWS infra diagrams?
- 55:17 Fun Section
THANKS, Kinnaird McQuade!
If you enjoyed this session with Kinnaird McQuade, let him know by clicking on the link below and sending him a quick shout out at Twitter:
Click here to thank Kinnaird McQuade at Twitter!
Click here to let Ashish know about your number one takeaway from this episode!
And if you want us to answer your questions on one of our upcoming weekly Feedback Friday episodes, drop us a line at email@example.com.