EP216 Ephemeral Clouds, Lasting Security: CIRA, CDR, and the Future of Cloud Investigations

Guest:

• James Campbell, CEO, Cado Security
• Chris Doman, CTO, Cado Security

Topics:

• Cloud Detection and Response (CDR) vs Cloud Investigation and Response Automation(CIRA) ... what's the story here? There is an "R" in CDR, right?
• Can't my (modern) SIEM/SOAR do that? What about this becoming a part of modern SIEM/SOAR in the future?
• What gets better when you deploy a CIRA (a) and your CIRA in particular (b)?
• Ephemerality and security, what are the fun overlaps? Does "E" help "S" or hurts it? What about compliance? Ephemeral compliance sounds iffy…
• Cloud investigations, what is special about them?
• How does CSPM intersect with this? Is CIRA part of CNAPP?
• A secret question, need to listen for it!

Resources:

• EP157 Decoding CDR & CIRA: What Happens When SecOps Meets Cloud
• EP67 Cyber Defense Matrix and Does Cloud Security Have to DIE to Win?
• EP158 Ghostbusters for the Cloud: Who You Gonna Call for Cloud Forensics
• Cloud security incidents (Rami McCarthy)
• Cado resources