🚨 The kernel-level security revolution you can't ignore — a must-listen with Liz Rice
Eden Naftali and Amitai sit down with Liz Rice, Chief Open Source Officer at Isovalent (Cisco), and a global expert in eBPF, containers, and Kubernetes security.
🎙️ In this episode:
How eBPF is reshaping cloud security from the ground up
Practical strategies to tackle open source supply chain attacks (a hot topic given today’s events)
A must-listen for anyone building or securing cloud infrastructure in an era of AI coding and supply chain attacks.
🔐 Erik Bloch on his path from military hacker to Illumio security leader.
Eden Naftali and Amitai sat down with Erik Bloch & here's what they covered 👇
How starting in the military shaped Erik's approach to security
Building and scaling cloud detection & response teams
Converting security metrics into actionable business KPIs
🚨 How do you build a 4,000+ strong student-tech community from scratch?Eden Naftali and Amitai sat down with Day Johnson, Security Engineer at @amazon , ex-Datadog, founder of CyberWox Academy.What they covered 👇- Detection engineering that works at scale- What breaks IR processes (and how to fix them)- Real talk on breaking into security without shortcutsAlso: why being the "tech kid" in your neighborhood might just launch your whole career.
- 💡 From cloud chaos to career confessions: live with security minds from RiotGames & Microsoft.Eden Naftali went live, and got personal, with 3 leaders shaping the future of cloud and cybersecurity:- Nicole Dove, Head of Security Engineering at @Riot Games- Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft- Alon Schindel, VP of AI & Threat Research at WizWhat they unpacked? 👇The heart of threat intel, building trust over tools, and how hobbies reflect how they lead.This Crying Out Cloud episode from RSA just hits different.⏱ Chapters00:05:02 – What it means to be a threat intelligence leader00:10:08 – How threat intelligence should really look00:15:48 – Skirting the tough questions in cybersecurity00:21:07 – Working with third-party vendors in the cloud00:26:17 – What the security industry is getting wrong00:31:20 – The special skill of deep research00:36:20 – A real-world story about leading with trust#CyberSecurity #CloudSecurity #ThreatIntelligence #Infosec #CloudComputing
🎙️ Scattered Spider's new target? Airlines.Eden Koby Naftali & Amitai Cohen break down the latest in the cloud:1️⃣ A connectivity tool vuln & Open WebUI misconfig putting orgs at risk2️⃣ Why attackers are still tricking help desks (and how!)3️⃣ The "lethal trifecta" of AI agent danger, explained 🧠🤖0:25 – Scattered Spider targets the aviation industry1:38 – Help desk hacks: impersonation & real-world stories4:52 – Teleport vulnerability explained9:48 – AI’s “lethal trifecta” and why it matters#CloudSecurity #ScatteredSpider #AIThreats #HelpDeskAttacks #CryingOutCloud #CybersecurityPodcast
🎙️ New ep: David Bianco from Splunk with 🔥 insights from a lifetime of threat hunting.Eden Koby Naftali & Amitai Cohen sat down with David Bianco, creator of some of the most influential models in cyber detection.What they got into ⬇️1) How a threat intel milestone led to the Pyramid of Pain2) Why detection isn't just about indicators3) What good threat hunting teams actually do#CryingOutCloud #CyberSecurity #ThreatHunting #PyramidOfPain #DavidBianco #Splunk #Infosec #CloudSecurity #DetectionEngineering #BlueTeam #SecurityPodcast #SOC #ThreatIntel #IncidentResponse
🎙️ Just dropped: @Dr. Anton Chuvakin from @Google Cloud with legendary insights (and cloud security jokes).Eden Koby Naftali & Amitai Cohen sat down with Dr. Anton Chuvakin, Google Cloud's Office of the CISO, and the guy who made SIEM cool!What they got into ⬇️1) Why SOCs are broken (and full of toil)2) How to actually apply AI in security3) Why cloud appliances are still a problem4) What shared responsibility really means
🎙️ All you need to know from Ransomware to CVE Programs!☁️ Join Amitai Cohen and Eden Naftali as they break down the top stories in the cloud:- UK Retail Sector Hit by Ransomware (DragonForce & Scattered Spider)- SAP NetWeaver Vulnerability Exploited in the Wild- CVE Program Faces Major Backlog and Trust Issues
🎙️ Listen to the biggest insights of bug bounty hunting with Justin Gardner 🚨In this episode, Amitai Cohen and Eden Koby Naftali are joined by none other than Justin — renowned bug bounty hunter and host of the Creative Thinking podcast!
🎙️ All you need to know on the latest discoveries and updates ft. Rami McCarthy 🚨In this episode of Crying Out Cloud, @Amitai Cohen & @Eden Koby Naftali are joined by Rami — a Principal Security Researcher here at Wiz.Rami adds some energy and expertise to the table as we dive into a variety of topics:• GitHub Action supply chain attack • IngressNightmare updates. A follow-up to our last episode on this critical vulnerability.• Alleged Oracle breaches: Breaking down the latest rumors and insights.
🎙️ All you need to know on our latest discovery #IngressNightmare 🚨In this episode of Crying Out Cloud, Amitai Cohen & Eden Koby Naftali are joined by Nir Ohfeld — Head of Vulnerability Research at Wiz. Nir and his team have uncovered some of the most impactful vulnerabilities affecting cloud and SaaS applications. In this episode, he's diving into the latest discovery, a critical vulnerability in Ingress-NGINX:• How the team uncovered a critical unauthenticated RCE in NGINX Ingress Controller• Why Kubernetes admission controllers might be the next big attack surface• The wild journey of hunting vulnerabilities in the cloud
🎙 Ready for the latest on AI, cloud security, and Fortune 500 challenges?This week on our podcast Crying Out Cloud, we're joined by none other than Ashish Rajan— a seasoned cybersecurity leader and host of the AI Cybersecurity Podcast & Cloud Security Podcast.Amitai Cohen & Eden Koby Naftali dive into:- The evolution of AI & cloud security- Lessons from securing Fortune 500 & FTSE 100 companies- The biggest challenges (and laughs) in the industry
From Supply Chain Attacks to S3 Ransomware: Critical Cloud Security Stories You Need to Know.
🎙️ In this episode of Crying Out Cloud, Eden and Amitai break down the latest cloud security chaos, from sneaky supply chain attacks to AI-powered malware:1) How attackers exploited a GitHub misconfiguration to enable a supply chain attack.2) The latest twist on cloud-native extortion (spoiler: it all comes back to stolen cloud keys).3) NullifAI – Malicious AI models hiding in plain sight.4) whoAMI attack – The clever AWS AMI name confusion flaw that might catch you off guard.
🎙️ SEASON PREMIERE ALERT: Tune in to our latest episode featuring Karim El-Melhaoui, where we dive into the latest cloud security challenges ☁️🔥 Amitai Cohen & Eden Koby Naftali are kicking off the season with:- Cyber risk vs. operational risk – Why cyber risk is harder to quantify and how Norges Bank used NIST's Cybersecurity Framework to strengthen resilience.- Open-source tools fuel innovation, but many are abandoned without long-term support.- How cloud security alliance Norway is setting stronger security standards.🎧 Ready for season 3 of #CryingOutCloud?
Why is everyone suddenly talking about DeepSeek? 👀 🎙️ If you've been seeing DeepSeek everywhere but are wondering what the actual buzz is about - this is for you: Our new podcast features Gal Nagli from the Wiz Research team, breaking it down with Eden Koby Naftali and Amitai Cohen. Plus: Get the full story behind our recent DeepSeek database discovery that made headlines ⚡
🎙️ Every great story starts with a beer in the Alps... From building #Adallom to becoming a sommelier — hear Roy Reznik's journey as Co-Founder and VP R&D at @wiz in our podcast season finale! In this episode Eden Koby Naftali & Amitai Cohen dive into: ☁️ Roy's journey from Tel Aviv to London—culture. 🛠️ How companies can scale fast while staying secure. 💡 How R&D should foster a culture where developers proactively embrace security as a core value. 🤖 Thoughts on AI in development — Co-Pilots: where do they excel?
🎙️ Unpack AWS re:Invent's top announcements, trends, and what's next for cloud practitioners with @Scott Piper! Join Eden Naftali and Amitai Cohen in our latest #CryingOutCloud episode featuring Scott Piper, Wiz's Principal Cloud Security Researcher and "cloud security historian". In this episode: 🌟 AWS re:Invent highlights: Aurora DSQL, Nova genAI, EKS Auto Mode 🔒 Security updates on RCPs, VPC Block Public Access, Declarative Policies for EC2 🎬 Scott's favorite cloud-themed movies from Wiz Video World (Pulp Encryption, anyone?)
Dive into the latest #CryingOutCloud episode featuring Johann Rehberger!
Join Eden and Amitai as they sit down with Johann Rehberger, Red Team Director at @electronicarts and a cybersecurity expert. Johann also publishes innovative security research on his blog, Embrace the Red.
What you'll learn:
📌 Red teaming strategies to strengthen security programs
📌 Insights from Johann’s cutting-edge AI security research and experience
📌 The funny story behind Johann’s alias, Wunderwuzzi
Tune in now! 🎧
🎙️ Tune in to the latest #CryingOutCloud episode featuring Tanya Janca, where we dive into all things cloud! Join Eden and Amitai as they welcome Tanya Janca, founder of 'We Hack Purple', and the author of 'Alice and Bob Learn Application Security'. She's seen it all—from launching AppSec programs to teaching secure coding and leading on education at Semgrep. In this episode: 🌐 Building security programs from scratch 🔍 The value of static analysis tools for developers 🇨🇦 The Canadian cybersecurity landscape and her take on global challenges 💡 Tips for securing AI applications in the age of generative AI
🎙️ Ready for the latest on Hybrid Cloud Attacks, Linux Malware, and LLMJacking? Join our hosts Eden Koby Naftali and Amitai Cohen in our NEW #CryingOutCloud episode. In this episode: 📌 The perfctl malware campaign—stealthily mining crypto on thousands of Linux machines undetected for years 📌 Storm-0501 hybrid cloud attacks, targeting everything from hospitals to law enforcement, with ransomware and stolen admin credentials 📌 LLMJacking—the latest evolution in malicious cloud access, selling AI access on underground markets