What We Discuss with Yoav Alon:
- 00:00 Introduction
- 03:34 Guest Professional Background
- 05:12 Is Security Research Pentesting of Cloud Service Provider(CSP)
- 06:51 Responsible Disclosure Of Vulnerability to CSP
- 08:07 What is AutoWrap Vulnerability in Azure?
- 12:04 AutoWrap Simple Example Walkthrough
- 13:53 Security Research Thinking Process
- 14:32 Is AutoWrap Fixed in Azure?
- 16:11 Is Cloud Secure?
- 19:55 Approach to discovering bugs in Cloud?
- 23:08 Would CSP be making standard APIs across each one of them?
- 26:14 Process of disclosing vulnerability to Azure
- 29:36 Would IAC Security be researched in Azure?
- 31:20 What is SnyLapse Vulnerability in Azure?
- 33:00 SnyLapse Simple Example Walkthrough
- 33:38 Is SnyLapse fixed in Azure?
- 35:34 SnykLapse example scenario
- 36:52 Why not use CVE for vulnerabilities in CSP?
- 41:06 Why now is the time for Cloud Security Research?
- 43:43 Where does one start learning about Cloud Security Research?
- 45:17 Fun Section
THANKS, Yoav Alon!
If you enjoyed this session with Yoav Alon, let him know by clicking on the link below and sending him a quick shout out at Twitter:
Click here to thank Yoav Alon at Twitter!
Click here to let Ashish know about your number one takeaway from this episode!
And if you want us to answer your questions on one of our upcoming weekly Feedback Friday episodes, drop us a line at email@example.com.