What We Discuss with Yoav Alon:
- 00:00 Introduction
- 03:34 Guest Professional Background
- 05:12 Is Security Research Pentesting of Cloud Service Provider(CSP)
- 06:51 Responsible Disclosure Of Vulnerability to CSP
- 08:07 What is AutoWrap Vulnerability in Azure?
- 12:04 AutoWrap Simple Example Walkthrough
- 13:53 Security Research Thinking Process
- 14:32 Is AutoWrap Fixed in Azure?
- 16:11 Is Cloud Secure?
- 19:55 Approach to discovering bugs in Cloud?
- 23:08 Would CSP be making standard APIs across each one of them?
- 26:14 Process of disclosing vulnerability to Azure
- 29:36 Would IAC Security be researched in Azure?
- 31:20 What is SnyLapse Vulnerability in Azure?
- 33:00 SnyLapse Simple Example Walkthrough
- 33:38 Is SnyLapse fixed in Azure?
- 35:34 SnykLapse example scenario
- 36:52 Why not use CVE for vulnerabilities in CSP?
- 41:06 Why now is the time for Cloud Security Research?
- 43:43 Where does one start learning about Cloud Security Research?
- 45:17 Fun Section
THANKS, Yoav Alon!
If you enjoyed this session with Yoav Alon, let him know by clicking on the link below and sending him a quick shout out at Twitter:
And if you want us to answer your questions on one of our upcoming weekly Feedback Friday episodes, drop us a line at firstname.lastname@example.org.