Podcast: Play in new window | download
Subscribe: Apple Podcast |
Tech Spective Podcast, Episode 138
Cloud environments have changed the way organizations operate, but they have also presented new challenges for cybersecurity teams. In the latest episode of the TechSpective Podcast, I sat down with Eyal Fisher, Chief Procurement Officer at Sweet Security, to dive into the evolving landscape of cloud security and the innovative solutions needed to stay ahead of threats.
Addressing the unique challenges of cloud security
Cloud environments are large, dynamic, and provide a much larger attack surface than traditional on-premises environments. This complexity makes real-time threat detection particularly difficult. As Eyal Fisher explains, traditional security tools designed for endpoints or on-premises environments struggle to scale effectively in the cloud. The key is to understand the unique nature of cloud infrastructure and use technologies specifically designed for it.
eBPF and runtime detection
One of the highlights of the conversation was how Sweet Security leverages eBPF (Extended Berkeley Packet Filter) technology to gather deep insights into cloud environments without complex deployments. Eyal emphasizes that detecting threats at runtime—when the cloud is active—is critical to identifying real risks amidst the noise generated by day-to-day operations.
Addressing non-human identities
Another critical issue is the explosion of non-human identities in cloud environments. These include APIs, machine-to-machine interactions, and service-to-service communications. Traditional identity security approaches, such as multi-factor authentication, focus on human users and ignore the majority of risks. Eyal explains how Sweet Security's runtime approach helps prioritize non-human identities that need immediate attention based on actual behavior.
Artificial intelligence and the future of cybersecurity
AI is transforming the cybersecurity industry, and Sweet Security is at the forefront of using AI and large language models (LLMs) to improve cloud defenses. Fisher shares how AI helps their solutions analyze environments, reduce response times, and even help Security Operations Center teams investigate incidents more effectively.
A comprehensive approach to cloud defense
What sets Sweet Security apart from others is its comprehensive defense strategy. Unlike other solutions that focus on the infrastructure, cloud, or application layer, Sweet covers all three. This comprehensive approach ensures that threats can be detected no matter where they come from – from the application layer all the way to the cloud infrastructure.
Watch the full episode to learn more about how runtime detection, non-human identity security, and AI are reshaping the way organizations approach cloud security. The podcast itself is audio only, but a video of our conversation is also available on YouTube if you prefer:
Please ask questions and share your thoughts on the topic in the comments below. Please also subscribe to TechSpective Podcast through your favorite podcast platform and share the podcast with your colleagues and friends.
If you enjoy the podcast, I would also appreciate it if you could take a couple of minutes to rate and review the podcast on iTunes or wherever you listen.
I have a passion for technology and gadgets – with a focus on Microsoft and security – and a desire to help others understand how technology can impact or improve their lives. I also love spending time with my wife, 7 kids, 4 dogs, 7 cats, a pot-bellied pig, and a turtle, and I like to think I enjoy reading and golf even though I don't have time for either. You can contact me directly at tony@xpective.net. For more from me, you can follow me on Threads, Facebook, Instagram, and LinkedIn.
