What We Discuss with Kinnaird McQuade:
- 00:00 Introduction
- 03:33 Kinnaird’s Professional Background
- 04:44 What are Guardrails in AWS?*
- 06:51 Do we only rely on CSP Provided GuardRails or Customer Provided Guardrails?*
- 07:43 Can we rely on AWS provided GuardRails?
- 09:09 Is AWS Guardrail free?*
- 09:55 Example of AWS Guardrail services?*
- 10:42 Difference between Preventative and Detective Security Controls?*
- 12:02 Is Preventative or Detective more practical?
- 13:14 Where to start when building AWS Security Guardrails?
- 15:51 How to scale AWS Security Guardrails?
- 18:21 Is there a need for CI/CD Pipeline for scale?*
- 20:04 What is removing classes of bugs?*
- 22:46 Interesting ways people use cloud?*
- 25:05 Building blocks of AWS Security Program?*
- 27:40 IaC in a Serverless Company?
- 28:51 Separate Infra and App pipeline or one pipeline for both?*
- 30:35 Scaling security in AWS beyond Guardrails?*
- 32:10 Are security controls same as security guardrails?
- 33:07 Can we achieve Guardrails only from OpenSource only?*
- 35:53 Skillset to execute an AWS Security Program?
- 37:07 AWS Certs will not get you a job?*
- 40:44 When to move from Detective to Preventative controls?
- 42:44 Learning how to scale AWS Secuirty Controls?
- 44:48 Next stage of Cloud Security Tooling?*
- 46:36 Observability in Cloud Security?
- 48:13 Keeping up with New services coming on AWS almost every month?
- 49:54 Auto-drawing tool recommendation for AWS?
- 54:26 Terraform graph for AWS infra diagrams?
- 55:17 Fun Section
THANKS, Kinnaird McQuade!
If you enjoyed this session with Kinnaird McQuade, let him know by clicking on the link below and sending him a quick shout out at Twitter:
And if you want us to answer your questions on one of our upcoming weekly Feedback Friday episodes, drop us a line at email@example.com.