Alhaji joined Cloud Security Office Hours in our early days. He has successfully moved from HR to Cloud Security and joined Wiz! This is his story.
Stryker presents the process of building a Threat Intelligence Platform as an alternative to spending a fortune on commercial products.
Patrick Burke led a discussion on minimal container images, focusing on security and compliance aspects. He explained trends in vulnerabilities, emphasizing the increasing number of vulnerabilities discovered each year. Burke also covered the basics of containers and Kubernetes, highlighting their role in standardizing software deployment across different environments. The presentation aimed to help attendees understand why investigating minimal container solutions might be beneficial for reducing manual effort in patching vulnerabilities and improving compliance.
Mastering the Elevator Pitch: San, a communication specialist and public speaker, delivered a presentation on crafting effective elevator pitches. She emphasized the importance of confidence and self-knowledge in presenting oneself, noting that people have only 8 seconds to make an impression. San shared statistics on the impact of elevator pitches, highlighting that 33% of sales managers decide on candidates within the first 30 seconds, and 71% of managers believe a well-crafted pitch can advance careers. She concluded by defining an elevator pitch as a brief, compelling introduction designed to engage listeners and leave a lasting impression.
Matt Chiodi discusses his transition from CISO to COO at Cerby
Jay Siermarco - AI and the Law
Neil Carpenter discussed his recent transition from Orca Security to an early-stage startup called Minimus. He also shared his experiences in the vulnerability management space, highlighting the importance of meaningful approaches to managing vulnerabilities in container images. Neil emphasized the significance of relationships in career development and shared his journey from working in the marketing organization to sales and go-to-market roles. He also discussed the challenges and opportunities in the vulnerability management space, particularly in the context of container images.
Probably the best session we have ever had on Cloud Security Office Hours. Here we have two young penetration testers who already have confirmed kills and paychecks to go with them. Please enjoy their story.
The meeting involved discussions on the use of AI models, with a focus on the risks associated with them and the importance of protecting enterprise data privacy. The team also explored the potential risks and benefits of using private versus open-source language models for sensitive data, and discussed a technique for using large language models without exposing sensitive data. Lastly, the meeting touched on the importance of systems-level orchestration skills in the AI field and the need for learning from open-source AI communities.
Ian presented on his role as the Azure Cloud Community Leader at CIS and the development process of the CIS benchmarks. The team also discussed the CIS Cloud Benchmarks, the importance of community engagement, and the potential for automation in assessment and remediation. Lastly, they addressed ongoing security issues, the challenges of balancing risk and cost in security, and the importance of security vendors vetting their processes.
The meeting began with a presentation by Etay Haral on cloud detection engineering, focusing on role unchaining in AWS and the challenges of tracing activities back to original actors. The discussion then shifted to operationalizing cloud monitoring, log analysis, and the importance of parsers in creating comprehensive investigation graphs, with participants sharing insights on different cloud service providers and vulnerability management strategies. The session ended with conversations about proactive threat detection tools, the challenges faced by educational institutions in maintaining cybersecurity, and personal anecdotes shared by team members.
The team discussed the importance of considering the self-selected nature of data in security reports, particularly in relation to AI models and cloud security solutions. They also explored the vulnerabilities in AI packages and components, the challenges of regulating AI, and the potential risks and benefits of AI in relation to security and regulation. The conversation ended with plans for a recap session the week after, and the team expressed concerns about protecting against AI model vulnerabilities and the need for human oversight in AI systems.
A presentation by Brandon Adcock from Coalition on the cybersecurity insurance business. Quite fascinating!
People-First Insightful Learning Circles
Robbie Mueller, Senior Cloud Threat & Vulnerability Engineer - Humana, describes Jumping Ship
Jeremiah Sullivan
Alex Corstorphine's presentation
A brief presentation on some cloud security roles.