Show cover of Ink8r (in·​cu·​ba·​tor) Podcast

Ink8r (in·​cu·​ba·​tor) Podcast

A podcast covering socio-technical themes, concepts, and technologies that matter to the modern enterprise

Tracks

Episode #43 - Cultivating Resilience and Innovation in Cybersecurity with Mel Reyes
In this episode of the Incubator Podcast, hosts Darren Boyd and Satbir Sran welcome Mel Reyes, a distinguished figure in the tech industry known for his roles as a global CIO and CISO, founder of Digital Guardians, and an active community contributor.  Mel shares his extensive experience in IT and security, discussing the evolving challenges in cyber threats, compliance, and the importance of leadership in security operations.  He emphasizes the significant impact of management support on cultural change within organizations and highlights the necessity of building trust and collaboration among teams. Mel also dives into the importance of addressing employee burnout and the critical role of establishing a robust security mindset across all levels of a company. Throughout the conversation, Mel advocates for a people-focused approach, underscoring that effective security and technological advancement rely heavily on nurturing and empowering personnel.Tune in and enjoy insights from a cybersecurity leader!
39:55 5/7/24
Episode #42 - Unpacking the Future of Hybrid Clouds with Dell’s PowerFlex
In this episode of the Incubator Podcast, hosts Darren Boyd and Satbir Sran delve into the transformative world of hybrid cloud with guest Steve Bisnett, Global Field CTO for PowerFlex at Dell Technologies. Steve shares insights into his extensive background in the tech industry, especially his experiences transitioning from customer-focused roles to influencing product innovation at Dell.The episode centers around PowerFlex, a pioneering software-defined storage solution. This technology, initially acquired and evolved over time by Dell, addresses the burgeoning needs of modern data centers characterized by high scalability and the flexibility to adapt to various workloads and configurations.Steve explains the evolution of PowerFlex, highlighting its role in revolutionizing Dell's approach to storage solutions by integrating aspects of traditional three-tier architectures and hyper-converged infrastructures. This integration allows for separate scaling of storage and compute resources, crucial for handling the diverse needs of enterprise environments.The discussion also covers the challenges organizations face, such as infrastructure complexity, cost management, and lifecycle management. PowerFlex addresses these through consolidation and a high degree of automation, which significantly simplifies operations and reduces the need for extensive human intervention.Moreover, Steve elaborates on the strategic applications of PowerFlex in enterprise settings, particularly its capability to support a variety of workloads and operational models, whether on-premise or in the cloud. This flexibility is essential for enterprises looking to optimize performance and cost, especially those transitioning between cloud and on-premise environments.The podcast provides a comprehensive view of how PowerFlex fits into the broader Dell ecosystem, capable of meeting specialized needs such as high-performance computing or extensive data storage through seamless integration with other Dell products.This episode underscores the importance of adaptive technologies like PowerFlex in managing and transforming large-scale IT environments, reflecting Dell's commitment to innovation and customer-centric solutions in the evolving landscape of enterprise technology.
34:05 4/14/24
Episode #39 - Consumption Economics: A neoclassical view of cloud
In this podcast episode, we delve into the neoclassical economic view of cloud computing with Sarbjeet Johal, analyst, evangelist, and founder. The discussion begins by exploring the relevance of cloud in modern digital transformation.  We then explore principles rooted in neoclassical economics, focusing on concepts such as consumption economics, utility maximization, institutional/transactional costs implications, and how these apply to the cloud computing market. Key points include an analysis of supply and demand dynamics in cloud services, cost-benefit considerations for businesses transitioning to the cloud, and the role of competition among major cloud providers in shaping prices and service quality.This episode is a must-listen for anyone interested in the intersection of economics and cloud computing, offering a view of cloud computing through the lens of neoclassical economics.
21:43 2/4/24
Episode #40 - Anonymisation through pseudonymisation
In this podcast episode, we delve into data masking, data privacy, test data management, test environment management, the role of synthetic data, and the value of establishing a data fabric.  Quite a bit of ground to cover!K2View is a leader in data fabric and Customer 360, creating a comprehensive view of the customer journey which aids businesses in understanding customer behavior, preferences, and needs, leading to better service and personalized experiences.This of course naturally leads to the topic of data privacy. Hod Rotem emphasizes the increasing importance of safeguarding consumer data by sharing strategies and best practices for maintaining data privacy through concepts such as synthetic data and data subsetting via the domain of test data management.  This ultimately leads to more agile, accurate, and cost-effective testing processes overall.Have a listen and enjoy real-world examples and perspectives regarding future trends in data management and privacy.
38:33 2/1/24
Episode #38 - Practicality in Protection: Implementing an AppSec Program
In this episode of our podcast, we sit down with Jeevan Singh, a distinguished leader in the field of Application Security (AppSec), to delve into the intricate world of securing software applications. The discussion highlights the perils and challenges faced by organizations in today’s digital landscape, emphasizing the growing sophistication of cyber threats and the vital importance of robust AppSec programs.Jeevan articulates how he approaches implementing AppSec programs through a crawl, walk, run progression, which helps to address cultural gaps that may exist between security teams and developers. He stresses the need for a paradigm shift from viewing security as a mere checkpoint, to integrating AppSec as a fundamental aspect of the development process. Jeevan shares insightful anecdotes and experiences to illustrate how this shift can lead to more secure and efficient development workflows.Jeevan is active in the community, being Co-Chapter lead for OWASP Vancouver, as well as teaching threat hunting/modeling techniques to his local community.  https://www.owasp.org/index.php/VancouverEver insightful, Jeevan offers advice to organizations just starting their AppSec journey and provides insights into the future trends in application security. This podcast is a must for anyone looking to make meaningful progress in their AppSec journey.  We are confident our listeners will come away with a comprehensive understanding of the challenges and solutions in Application Security, enriched by Jeevan Singh’s expertise and practical insights.
43:29 1/4/24
Episode #37 - CISO Perspectives on Cybersecurity Programs, Risks, and Priorities
Join Satbir and Darren as they interview Nemi George, a seasoned Chief Information Security Officer (CISO) of Pacific Dental Services, as they cover a complex tapestry of modern cybersecurity concerns.The discussion covers diverse topics including the evolving threat landscape, the rise of sophisticated cyber attacks, evolving insider threats, risk management, supply chain complexity, and the value of preventive action. As the conversation unfolds, Nemi highlights the importance of a robust security culture within an organization, articulating that while technology is a critical line of defense, the human element remains the most unpredictable.  Initiatives to enhance security awareness, continual education programs, and behavioral analytics to detect insider threats are discussed as key strategies.A portion of the conversation is dedicated to the impact of regulatory compliance with Nemi discussing the challenges in navigating complex international laws such as the GDPR, CCPA, and industry/state-specific regulations.  Amidst the discussion, Nemi emphasizes the importance of privacy by design and the role of the CISO in ensuring that compliance enhances, rather than hinders, business operations.As the conversation nears its conclusion, Nemi speaks candidly about the future, including the advent of artificial intelligence as a technology that both enhances security measures while also inevitability being used by adversaries as well.  This important podcast ultimately touches on the intersection of business acumen, technical expertise, and strategic thinking required for modern CISOs to thrive and protect their organizations in an age where cybersecurity is a key pillar of business continuity.We hope you enjoy!
31:22 11/5/23
Episode #35 - Using Aviatrix to simplify multi-cloud networking
Enterprises are not confined to the boundaries of a single cloud environment.  But as many adopters have discovered, navigating multi-cloud isn't without its challenges from a networking perspective.  The once-promised flexibility and scalability of the multi-cloud model are often overshadowed by daunting complexities, diminished visibility, and fragmented control mechanisms.  The disparate networking and security paradigms of each CSP have all but eroded the notion of a seamless integration experience, ushering in the need for an overlay capability.Aviatrix's answer is both innovative and intuitive. The company sought to reimagine the entire multi-cloud networking paradigm. By developing a platform that provided a unified control plane, Aviatrix ensured that businesses could have a singular, centralized view of their entire network topology, irrespective of the cloud provider. This was complemented by advanced networking and security features that addressed the individual quirks and requirements of each cloud environment, ensuring seamless operation across the board.Join  Satbir and Darren as they speak with Chris McHenry, Head of Product Management, about what makes Aviatrix unique in the space of multi-cloud networking.
47:14 10/8/23
Episode #36 - Leveraging Deep Learning for Deep Defense
Traditional cybersecurity approaches, often retrospective in nature, race to detect and respond to threats only after they've manifested. This reactive paradigm, although necessary, leaves a window of vulnerability—a time-lapse during which systems are exposed, data is compromised, and infrastructures are at risk.Deep Instinct represents a seismic shift in the way we approach cybersecurity.  What makes Deep Instinct stand out in the vast sea of cybersecurity firms lies in their use of deep learning.  Inspired by the structure of the human brain, deep learning enables computers to learn from vast datasets and make independent decisions when distinguishing benign from malicious activity. This exhaustive training equips the system to recognize and thwart even the most novel threats, those that conventional systems might overlook.While many companies leverage machine learning for post-breach detection, Deep Instinct's platform is designed for zero-time prevention. Its deep learning models, once trained, can instantaneously analyze data, making split-second decisions to halt threats in their tracks. This preemptive approach narrows the vulnerability window, fortifying systems against both known and unknown cyber adversaries.Join  Satbir and Darren as they speak with Carl Froggett, CIO & CISO, about what makes Deep Instinct unique in how they approach cyber-defense.
31:41 10/8/23
Episode #41 - Using synthetic data for ultimate privacy
Data security is heavily dependent on context, and as organizations contemplate Test Data Management (TDM) they must consider not only de-identification strategies but re-identification probabilities as well.  Data privacy regulations are becoming more stringent, with some regulations having an ‘extraterritorial scoping clause’ that stipulates that organizations must comply with regulations regardless of where the data resides, if collecting data on their constituents (e.g., GDPR and PIPL).  Further, even if all direct identifiers are stripped out of a data set, the data will still be considered personal data if it is possible to link any data subjects to information in the data set relating to them (as per Recital 26 GDPR).  In other words, according to GDPR, a person does not have to be named to be identifiable. If there is other information enabling an individual to be simply connected to data about them, they may still be considered ‘identified’.An organization, using proper techniques combined with re-identification risk management procedures, remains among the strongest and most important tools in protecting privacy.   Tonic is one such vendor that applies advanced concepts to de-identify aggregate datasets.  They specialize in synthetic data, which by definition is differentially private, though they can also selectively de-identify identifiers and quasi-identifiers in complex schemas (e.g., structured and semi-structured data).  Join  Satbir and Darren as they speak with Adam Kamor, Tonic Co-Founder and Head of Engineering, about what makes Tonic unique in the space of data de-identification.
30:55 9/18/23
Episode #34 - A trace-based approach to runtime security
Spyderbat continuously records ALL runtime context in an environment (from Kernel to Cloud) while providing causal linkage (recording both good & bad events alike). Alerts can then be traced along the resultant causal chain that's created. Normal behaviors can then be safely ignored, allowing practitioners to focus on more toxic combinations ONLY (i.e., Alerts-to-Traces). Practitioners can then group behaviors for another order of magnitude reduction in alerts. To do this, Spyderbat has developed the following algorithms:Guardian - Records context to determine and visualize aggregate event significance in the environment. Guardian is the backbone that surfaces risk while addressing drift by comparing running applications against prior versions Flashback - Replays the sequence of activities within/across containers at the earliest warning signs of troubleScout - Maps to Mitre Attack Matrix and Kubernetes Threat Matrix and identifies attacks based on suspicious behaviors. Interceptor - Acts as automatic guardrails to protect known-good processes, extracts attackers, and rolls back misconfigurations. Collectively this delivers on the value chain from causality through enforcement.
42:53 8/4/23
Episode #33 - A discussion with Sounil Yu, author of the Cyber Defense Matrix
Sounil Yu is an author, cybersecurity visionary/strategist, advisor, security scientist, and leader.  In his capacity of Chief Security Scientist at BoA he was in part responsible for developing and optimizing their cybersecurity portfolio.  With an ever-expanding set of entrants in cybersecurity, he recognized the need to develop a framework that would provide a consistent mechanism to describe and organize solutions.  Over the last several years this framework, the Cyber Defense Matrix, has evolved into a very robust matrix that can apply to an expanding set of use cases.  At The Incubator Podcast, we are using the matrix to not only map out vendors in the cybersecurity domain, but to also anticipate vendor movement between adjacent capabilities to assist clients with deliberate rationalization and optimization exercises.  Our customers tire of the 'expense in depth' that accompanies market narratives in the domain of cybersecurity and we aim to provide purposeful and defensible portfolio strategies.
36:27 8/3/23
Episode #32 - OSS LIbrary-Level Analysis and Least Privilege Enforcement
Oligo Security provides OSS library-level analysis and creates a profile of behavior on runtime.  By evaluating what the OSS packages need from the operating system, they can detect malicious activity for each and every component in runtime.  Through continuous monitoring, they can alert on deviations from baseline behavior and even block those deviations if desired.  They apply a least privilege approach when assessing OSS libraries which reduces alerts by upwards of 85%.  Given approximately 80% of deployed code contains OSS, Oligo's least-privilege approach is a true differentiator.   Join  Satbir and Darren as they speak with Gal Elbaz, Co-Founder and CTO of Oligo Security, about their views on how to practically manage OSS vulnerabilities.
37:26 7/18/23
Episode #31 - Establishing Enterprise Encryption Supremacy
Primarily known as a pioneer in Confidential Computing, Fortanix has created a unified data security platform that delivers a suite of services, including multi-cloud key management, tokenization/encryption, Transparent Data Encryption (TDE), and specializes in secure enclaves.  With 30+ granted and pending patents, and a host of awards such as Gartner Cool Vendor and RSA Innovation Sandbox - Fortanix has achieved absolute encryption supremacy for the enterprise.  In this episode, we speak with Faiyaz Shahpurwala, Chief Product and Strategy Officer, as we explore a broad set of use cases to secure enterprise data, wherever it is. Please listen and contact Satbir and Darren to explore this and other observability-related domains.
32:52 7/17/23
Episode #30 - How to build a sustainable AppSec program
Apiiro has built its Code Risk Platform to address risks inherent in material changes to application logic/code ... long before those change ship to prod.  Given the imbalance in the ratio of developer to security practitioner, Apiiro's solution is crucial if we are to deliver sustainable security programs that meet the demands of new product introduction.  They are the winner of RSA's Innovation Sandbox and are recognized by Gartner as a Cool Vendor in DevSecOps.   Apiiro establishes an ongoing understanding of the ins and outs of applications and software supply chains, and how the attack surface changes over time.  Their Risk Graph represents all code modules, dependencies, user stories, APIs, data models, development environments, container images, pipelines, technologies, frameworks, contributors, and other application components.  Taking signal logic such as developer behaviors and various security inputs, they can trigger engagement models to allow developers and security practitioners to co-create software changes.  This is a must-have for every security program!Please listen and contact Satbir and Darren to explore this and other cybersecurity and risk-related domains.
31:39 5/17/23
Episode #29 - Tackling the biggest problem affecting code … dependency lifecycle management
As it turns out, managing Open Source Software (OSS) dependencies is extremely difficult.  Not all vulnerabilities are in runtime and/or reachable, not all exploits focus on high/critical CVSS, there is a time delay with patches when they are made available, and Semantic Versioning (SerVer) can make prioritization challenging when thinking through backward compatibility, upgrade paths, version pinning in supply chain, etc.Though estimates vary based on source, some 80% of deployed code is now OSS with 95% of vulnerabilities taking place in transitive dependencies.  What’s more, when looking at the Census II report () approximately 50% of all packages tracked did NOT have a release in 2022.  This is an intractable problem and a reason why Endor Labs started development back in 2021.  As they so eloquently state, “Software ages like milk, not like wine”.  In this podcast episode, Satbir and Darren explore the Software Composition Analysis (SCA) domain with Varun Badhwar, CEO/Founder of Endor Labs, regarding how to focus teams on the most relevant vulnerabilities associated with their OSS code and how many AppSec programs are starting to focus efforts in this area.
27:20 5/2/23
Episode #28 - A discussion of data cloud economies and security, with Navindra Yadav
Data platforms are evolving, allowing data clouds to connect with consumers and producers of data that may be external or internal to your organization.  Sharing with upstream/downstream partners in this data economy presents significant challenges to protecting data.  Join us as we discuss this economy and the security implications, with Navindra Yadav, CEO & Co-Founder of Theom.
26:49 4/24/23
Episode #27 - Promoting Open Standards Observability at a massive scale
Nobody understands observability at scale quite like Chronosphere co-founders Martin Mao (CEO) and Rob Skillington (CTO).  While at Uber they created, and open-sourced, the M3 metrics engine, which was capable of handling billions of data points that describe the most complex environments.  Then, in 2019, they founded Chronosphere which is now valued at over a billion dollars.Chronosphere focuses on capabilities that help Product Teams work more efficiently to manage their applications.  The company’s trace metrics help developers and SREs create a single metric that represents all or part of their business logic call flow, such that visibility and alerting can focus on the things that matter.  They also provide the ability to set data quotas on teams so Product Teams can better manage their costs against centrally managed quotas.  Chronosphere is committed to open source, having donated PromLens (a query builder for Prometheus) to Prometheus, as well as providing complete support to OpenTelemetry (a Cloud Native Computing Foundation (CNCF) project set to soon overtake Kubernetes in terms of contributions.  For any company that desires to support open standards with its observability strategy, Chronosphere is a must-have platform!Please listen and contact Satbir and Darren to explore this and other observability-related domains.
38:30 4/3/23
Episode #26 - An Insider Threat Platform that Protects Individual Privacy
When considering an Insider Risk Management (IRM) program a confluence of events complicates effective execution, including a general increase in financial hardship due to the current economic climate, an increasingly remote corporate workforce, steady growth in the gig economy, privacy concerns regarding individual liberties, and negative perceptions of organizations developing a 'surveilling’ presence.  Insider threat is inherently a human challenge that must look beyond the traditional focus on cyber-only components - to also include human, organizational, and physical approaches & sensors.  DTEX Systems operates in this space, providing significant thought leadership and even forming a Public-Private Partnership (PPP) with MITRE as they jointly develop an Insider Risk Management Framework (coming soon).   Through their patented privacy-compliant metadata collection, they can surface abhorrent and abnormal behavioral patterns as ‘indicators of intent’ to mitigate malicious, complacent, or unintentional acts that negatively affect the triad of confidentiality, integrity, and availability for an organization, its data, personnel, and/or facilities.  In this episode, we speak with Brian Stoner, Vice President of Worldwide Channels and Alliances, to uncover DTEX’s approach to balancing the needs of the individual while empowering organizations to act on contextual intelligence to stop insider threats.
34:31 3/27/23
Episode #25 - Helping Defenders focus on exceptions by offloading day-to-day, with StrikeReady
The annual Cybersecurity Workforce Study conducted by (ISC)² modeled the existing talent shortage as 3.4 million professionals in 2022, up 26% from their 2021 study.   The purchasing of a multitude of security products to offset skill gaps can fall short as operators struggle to adapt processes and extract value from toolchains that may or may not be flexible in handling an evolving threat landscape.  Many available security automation products require an operator to construct, deconstruct, and reconstruct a set of playbooks that include a number of static decision blocks, which are clearly not optimized for ad-hoc or potentially ex-ante scenarios.   In this episode we have a conversation with Salim Scafuto, Global VP of Customer Success and Sales Engineering, of StrikeReady, about their platform and how its logic layers (attack harvesting, knowledge harvesting, action invocation, analysis & context) combined with their machine learning capabilities (e.g., deep neural networks, convolutional deep neural networks, deep belief networks,   recurrent neural networks) can allow an operator to reason with their environment to thwart attacks.  The platform allows operators to engage in knowledge-seeking questions that invoke a security-centric conversation with their reasoning engine (e.g., such as asking, “what is ransomware?”, or, “who is APTXXX?”), a contextual awareness question  to obtain a degree of business insight (e.g., such as asking “am I currently at risk for ransomware?”), or even an automation-based command for incident response and proactive operation (e.g., such as issuing the command, “check this email for phishing”, or, “assess my risk against mummyspider”).With a host of integrations and a TAXII client to ingest a set of threat feeds, the platform is enabling a broad range of responses that mimic a security professional, offsetting much of the day-to-day load and allowing practitioners to focus more on the exceptions.  Please listen and contact Satbir and Darren to explore this and other cybersecurity-related domains.
40:50 3/26/23
Episode #24 - Unifying Security Technology and Human Intelligence with Synack
Disrupting traditional security testing approaches is where Synack specializes. They have long recognized that to thwart attacks in modern adversarial campaigns requires a maximal combined talent of human and AI-powered intelligence.  Through the gamification and use of crowdsourced expertise across verifiable exercises, Synack leverages its Synack Red Team (SRT), a global network of ethical hackers, to identify and address vulnerabilities across an ever-evolving attack surface.  This crowdsourced team of highly skilled and heavily vetted ethical hackers represents one of Synack's key differentiators.  Traditional security assessments and audits provide point-in-time insights into an enterprise's security posture which does little to illuminate an organization's cyber defense capabilities, processes, or controls.  Synack instead opts to use an incentive-driven model that allows their security practitioners to employ any Tactics, Techniques, and Procedures (TTPs) they deem appropriate, encouraging behavior that more readily models exploitation hunting as an adversary would.  Sessions are recorded and exploits are verified via other members, providing a capture into how the vulnerabilities are found, along with how long it took, what the relative effort was to identify, and what remediation steps are recommended.  Re-test is part of the service for closed-loop verification.  Join us in this episode as we speak with Tim Lawrence, Solution Architect as we go into greater depth into how Synack can provide resilience to any organization.  In a market where security practitioners are hard to come by, this is a firm to engage with.  Please reach out to us to discover how we develop closed-loop resilience patterns in a modern SSDLC!
29:51 3/8/23
Episode #23 - Cyber Defense Services Forged from the Front Lines
At its core, BlueVoyant offers MDR and managed SIEM services for Splunk and Microsoft Sentinel, though they also provide EDR services, 24/7 security monitoring, alert investigations & incident response, forensics & litigation support, attacker simulation & penetration testing, supply chain defense, dark web investigations, compliance services, vulnerability assessments and remediation, and professional services.  In this episode, we are joined by Matthew Gonter, Global Technical Solutions Architect - Splunk | Cribl where we talk about the myriad of security problems BlueVoyant sees in the industry and how they enable customers to outsource key security functions while addressing the cybersecurity skills gap to improve overall security preparedness and security outcomes.  Matt joins BlueVoyant by way of their recent acquisition of Concanon, a Splunk and Cribl professional services company, in October 2021 where Matt introduced enterprise solutions and proprietary technology to manage Sentinel and Splunk at scale while directly tackling log shipping challenges.Serving as an expert in SOC services, SIEM implementation/migration, and Observability Pipeline optimization, Matt shares many insights into the security industry and we look forward to having him back on the show!
25:52 2/19/23
Episode #22 - Operating at the nexus of Observability & Security data
Cribl provides a real-time data stream management platform for MELT data that enables organizations to gain insights and take action on data in place (right at the source), data at rest (already stored in a data lake), and eventually data in motion (transitioning an observability pipeline).  Back in May 2022 Clint and the C021 team signaled that they would be turning search on its head, and in Nov '22 they did just that.  We can now say goodbye to the swivel-chair searching which has become a rate limiter to value realization and start to unlock our observability and security data.  In this episode, Satbir and Darren speak with Ed Bailey, Cribl's Sr. Staff Technical Evangelist, about the power of Cribl's vision for the future.  Though we cover a range of topics there is a heavy focus on Cribl Search and all that it promises.  Search is built on an enhanced version of Kusto which provides practitioners a familiar interface to start with.  This allows organizations to get a head start by performing actions such as compiling Sigma rules into Kusto for IOC/threat hunting.  This design decision goes a long way to challenge the current modus vivendi that exists between operational and security data.Further, Cribl Search is a cloud-native construct, scaling elastically as queries are processed which dramatically reduces the infrastructure cost burden of search.  Dispatching queries to where the data is promises to drive the convergence between observability and security operations and we are excited to continue partnering with Cribl.  This is an essential platform for organizations looking to gain insights and take action on their MELT and security data.  Long live the goat!
30:56 1/30/23
Episode #21 - Automating continuous Classifying, Modeling, & Auditing of data actions with Theom
We at Ink8r have long been advocates for calibrating protection against threat modeling exercises to properly align protection for assets.  When it comes to securing production resources in the cloud this often means extending beyond Cloud Security Posture Management (CSPM) and including Data Security Posture Management (DSPM), among other capabilities, to properly address threats.   With Theom we find not only a complete data security solution but also a platform that has truly thought through what the enterprise practically requires.  Join us as we speak with Navindra Yadav, serial entrepreneur & inventor, and Co-Founder & CEO of Theom as we explore their platform and how they are truly the enterprise's Data Bodyguard!Theom leverages NLP classifiers to discover/classify your data in the cloud across analytical stores, object stores, and relational databases (all at a granular level) and even monitors how that data is accessed (in-flight observations).  With this approach, Theom can determine potential financial exposure by combining metadata of the entities accessing/actioning the data along and determining the sensitivity of that data.  Historically, determining Annualized Loss Expectancy has been challenging.  Organizations typically must determine an Annual Rate of Occurrence (ARO) and multiply it by the Single-Loss Expectancy (SLE) for each time a risk arises.  With Theom this becomes infinitely easier and allows for a quantitative view of risk for your critical assets.  WOW!And that is just the beginning.  Theom will also determine anomalous behavior regarding entity activity to help curtail overprovisioned access and help thwart more complicated 'slow leak' attacks.  Activity can include actions on data, as well as how the data is being accessed.  By looking at API access and comparing against Swagger specs for the API, Theom can expose discrepancies between spec and actual API configuration/exposure.  Another WOW!A final note on Theom has to do with platform design and the team's foresight regarding architecture.  By leveraging Distributed Ledger Technology (DLT) Theom has placed a priority on security from several perspectives.   They immediately deliver Proof of Action for every transaction including proof that Theom doesn't manipulate any customer data (i.e., all analytics happens in the customer environment, without data movement of any kind); all data analytics incur minimal costs to the customer (e.g., we are talking under $20/day, which is incredible); and an entire world opens up for futures around concepts such as Proof of State (e.g., imagine an auditor or cyberinsurance company validating state directly - without interacting with Theom at all).
36:09 11/6/22
Episode #20 - Making Connectivity to Business Resources Impossibly Simple
The show producer has not yet provided a description for this episode.
44:56 10/17/22
Episode #19 - Constructing a versatile SSDLC pipeline that can simply do more
How many pipelines does my organization need?  What pipeline construction patterns are most acceptable to my developers?  What intelligence should I inject into the pipeline?  Nick Durkin, Field CTO & VP of Field Engineering from Harness answers these and more.  Join us in this episode as we unpack some philosophical areas of SSDLC architecture, while diving into the Harness portfolio to see how they continue to innovate in topics such as Chaos Engineering, Feature Flag Management, Security, Intelligent Testing, Cloud Cost Management (more than just visibility), Service Reliability, and more.  The pipeline underpins the SSDLC process, ensuring not only a collaborative experience between testing, development, and operations, but also as an enabler of contemporary delivery approaches such as DevSecOps, Agile, Continuous Integration, and Continuous Delivery.  Without a pipeline that can support all interested stakeholders, safe delivery of code at market expectation will be elusive at best.  
46:59 10/11/22
Episode #18 - To truly understand the pervasive use of SaaS in your enterprise, turn to SSCP
Enterprises rely on dozens to hundreds of Software-as-a-Service (SaaS) applications, both sanctioned and unsanctioned, for their workloads, data, and processes.  This attack surface requires SaaS Security Posture Management (SSPM) to protect the enterprise, but how do enterprises truly discover all of the SaaS apps in use (particularly those unsanctioned SaaS apps)?Traditionally enterprises have relied on CASB solutions, API-integrated solutions, SSO-integrated solutions, and/or web proxies to try and discover the breadth of SaaS use, but these can be off by an order of magnitude from true usage in an environment.  This is where a SaaS Security Control Plane (SSCP) becomes invaluable, not only from a discovery perspective but also to inject enterprise security expectations into EVERY SaaS application.   Join us in this episode as we speak with Lior Yaari, Co-Founder and CEO of Grip Security as we explore how their platform allows commercially-focused CISOs to partner with business line managers to rapidly determine their SaaS posture.  
37:19 9/21/22
Episode #16 - Harmonizing your AppSecOps Program
Application delivery velocity is driving a need to bolster an organization's existing software security posture.   One fundamental aspect in fortifying an AppSec strategy is to leverage the API’s of existing application portfolio management solutions, code repositories, open source code scanning, static code scanning, credential scanning, image scanning, and various dynamic application security test tools, to create a composite risk profile for each asset along with prioritization, tracking, and automated SLA management across the Secure Software Development Lifecycle (S-SDLC).  This allows us to move beyond what is often construed as an obsession with defects, to achieve a degree of harmonization between developer and security professional.Join us in this episode as we speak with Nikhil Gupta, Co-Founder and CEO of ArmorCode as we explore how their platform provides a single process for AppSec visibility, workflow automation, vulnerability management, and compliance, and how it allows an organization to elevate their Security Program.
47:50 8/7/22
Episode #15 - Reimagining Observability and making it viable
We heard a great quote at RESOLVE'22 this year which said, "customers pay for up time and companies pay for downtime".  A rather adroit quote, and one that truly captures the Sisyphean challenge of ensuring applications are performant in the way we expect.  When it comes to the Herculean task (wow - two mythological references in one opener!) of making modern observability viable, there stands Cribl, the leader in Observability Pipelines and a true disruptor of the domain.  Cribl has launched several products that enable practitioners by focusing on data value at the edge, in the stream, and in a customer's Observability Lake(s).Join us in this episode as we speak with Nick Heudecker, Senior Director of Market Strategy & Competitive Intelligence at Cribl as we explore their product portfolio and how those products reshape how we should think about data processing in observability and security.
39:14 7/2/22
Episode #14 - Enabling Collaborative IaC with specialized CICD
Many, if not most, organizations operate as polyglots - polyglot environments, polyglot programming languages, polyglot persistence, and so on.   Infrastructure-as-Code (IaC) automation is no exception to this complexity with organizations often supporting polyglot IaC CICD tooling.  Teams introduce this variability to achieve specific ends as some frameworks are great for one task but not another, so working with multiple platforms/frameworks enables developers to use the right tool for the job. In this podcast episode, we speak with Co-Founder and Chief Product Officer of Spacelift, Marcin Wyszynski.  Together we discuss how Spacelift can cull the digital Tower of Babel that comes with deploying and managing IaC in the enterprise.  Spacelift provides a specialized IaC CICD platform with sophisticated state management and audit features for multiple frameworks such as Terraform, Pulumi, Kubernetes, CloudFormation, and soon Ansible.  Through support for complex workflows, and a robust policy framework, Spacelift allows you to declare rules around account and project access, handling push notifications, starting runs,  triggering tasks, and creating relationships between projects.  
34:40 6/30/22
Episode #13 - Running MELT through analytics at the edge
There is always tremendous value in decreasing latency in any decision-making process, particularly when we are dealing with stream processing in support of system and application observability.  By running Metrics, Events, Logs, and Trace (MELT) data through an analytics algorithm at time of creation, on the very devices emitting the signals, organizations can set parameters on what information is worth sending to an observability platform, and what information is not.In this episode, we speak with Zachary Quiring, Director of Product at Edge Delta regarding how they view observability and how distributed queries are the most economical approach to scale and efficiency for modern architectures.  This is truly a novel approach and as Edge Delta puts it, the only way to achieve "observability without compromise".
46:00 6/30/22