ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "Cloud Security Detection & Response Strategies That Actually Work"
Episode Synopsis
We spoke to Will Bengtson (VP of Security Operations at HashiCorp) bout the realities of cloud incident response and detection. From root credentials to event-based threats, this conversation dives deep into:
Why cloud security is NOT like on-prem – and how that affects incident response
How attackers exploit APIs in seconds (yes, seconds—not hours!)
The secret to building a cloud detection program that actually works
The biggest detection blind spots in AWS, Azure, and multi-cloud environments
What most SOC teams get WRONG about cloud security
Guest Socials: Will's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
If you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity Podcast
Questions asked:
(00:00) Introduction
(00:38) A bit about Will Bengtson
(05:41) Is there more awareness of Incident Response in Cloud
(07:05) Native Solutions for Incident Response in Cloud
(08:40) Incident Response and Threat Detection in the Cloud
(11:53) Getting started with Incident Response in Cloud
(20:45) Maturity in Incident Response in Cloud
(24:38) When to start doing Threat Hunting?
(27:44) Threat hunting and detection in MultiCloud
(31:09) Will talk about his BlackHat training with Rich Mogull
(39:19) Secret Detection for Detection Capability
(43:13) Building a career in Cloud Detection and Response
(51:27) The Fun Section
Why cloud security is NOT like on-prem – and how that affects incident response
How attackers exploit APIs in seconds (yes, seconds—not hours!)
The secret to building a cloud detection program that actually works
The biggest detection blind spots in AWS, Azure, and multi-cloud environments
What most SOC teams get WRONG about cloud security
Guest Socials: Will's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
If you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity Podcast
Questions asked:
(00:00) Introduction
(00:38) A bit about Will Bengtson
(05:41) Is there more awareness of Incident Response in Cloud
(07:05) Native Solutions for Incident Response in Cloud
(08:40) Incident Response and Threat Detection in the Cloud
(11:53) Getting started with Incident Response in Cloud
(20:45) Maturity in Incident Response in Cloud
(24:38) When to start doing Threat Hunting?
(27:44) Threat hunting and detection in MultiCloud
(31:09) Will talk about his BlackHat training with Rich Mogull
(39:19) Secret Detection for Detection Capability
(43:13) Building a career in Cloud Detection and Response
(51:27) The Fun Section
In God we trust