Start / Cloud Security Podcast / Cloud security detection response strategies that actually work

Cloud Security Detection & Response Strategies That Actually Work

58 min • 4 februari 2025

We spoke to Will Bengtson (VP of Security Operations at HashiCorp) bout the realities of cloud incident response and detection. From root credentials to event-based threats, this conversation dives deep into:

Why cloud security is NOT like on-prem – and how that affects incident response
How attackers exploit APIs in seconds (yes, seconds—not hours!)
The secret to building a cloud detection program that actually works
The biggest detection blind spots in AWS, Azure, and multi-cloud environments
What most SOC teams get WRONG about cloud security

Guest Socials: ⁠⁠⁠⁠⁠⁠⁠Will's Linkedin

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠⁠

If you are interested in AI Cybersecurity, you can check out our sister podcast -⁠⁠⁠⁠⁠ AI Cybersecurity Podcast

Questions asked:

(00:00) Introduction

(00:38) A bit about Will Bengtson

(05:41) Is there more awareness of Incident Response in Cloud

(07:05) Native Solutions for Incident Response in Cloud

(08:40) Incident Response and Threat Detection in the Cloud

(11:53) Getting started with Incident Response in Cloud

(20:45) Maturity in Incident Response in Cloud

(24:38) When to start doing Threat Hunting?

(27:44) Threat hunting and detection in MultiCloud

(31:09) Will talk about his BlackHat training with Rich Mogull

(39:19) Secret Detection for Detection Capability

(43:13) Building a career in Cloud Detection and Response

(51:27) The Fun Section

Senaste avsnitt

Cloud Security Detection & Response Strategies That Actually Work

Senaste avsnitt

Why Security Can Be Stricter: A Zero Trust Approach to AppSec with AI

Guide to Hybrid Cloud & Bare Metal Secret Management

"Escape-Proof" Cloud: How Block built an Automated Approach to Egress Control

Prioritizing Cloud Security: How to Decide What to Protect First

Migrating from “Tick Box" Compliance to Automating GRC in a Multi-Cloud World

Using AI Agents to Solve Cloud Vulnerability Overload

Adapting to New Threats, Copilot Risks & The Future of Data (Feat. Matthew Radolec, Varonis)

Securing AI: Threat Modeling & Detection

CYBERSECURITY for AI: The New Threat Landscape & How Do We Secure It?

Cloud Security Evolved: From CNAPP to AI Threats

RSA Conference 2025 Recap: Top Themes, Actionable Insights & Future Trends

Mindset: Modern SOC Strategies for Cloud & Kubernetes (Ft Sergej Epp. Ex-Deutsche Bank)

Scaling Container Security Without Slowing Developers

How Attackers Stay Hidden Inside Your Azure Cloud

How Confluent Migrated Kubernetes Networking Across AWS, Azure & GCP

The New Future of Cloud Security: Vendor Lock-In, Runtime, and SOC Readiness

Detection Engineering with Google Cloud

CNAPPs & CSPMs don’t tell the full cloud security story

Securing AI Applications in the Cloud

Realities of Cloud Networking in AWS

Cloud Incident Response in Microsoft Azure

AWS Multi-Account Security: What Netflix Learned

Cloud Security Detection & Response Strategies That Actually Work

CISO Challenges Across Industries

Why Solving the Data Problem is Key to Cloud Security?

The economics of cybersecurity and trends

The Truth About CNAPP and Kubernetes Security

Cybersecurity Isn’t Crowded: Security Engineering and the 5,000 Vendor Problem

Centralized VPC Endpoints - Why It Works for AWS Networking

What is CADR?

Building Platforms in Regulated Industries

Dynamic Permission Boundaries: A New Approach to Cloud Security

Building a Resilient Cloud Security Program after Merger and Acquisition

Building Data Perimeter in Cloud in 2024

Navigating NIST CSF 2.0: Guide to Frameworks and Governance

Building a SOC Team in 2024 - Automation & AI

Cloud Identity Lifecycle Management Explained!

Traditional PAM vs Cloud CPAM for a cloud first world

The Role of Cloud Security Research in 2024

Edge Security is the Key to Cloud Protection

Is your CI/CD Pipeline your Biggest Security Risk?

State of Cloud Security - Practitioner Edition

BlackHat USA 2024 Highlights and Recap

Building an Incident Response Team for High-Growth Companies

State of Cloud Security 2024 - Leadership Edition

Cloud Native Strategies from a FinTech CISO

Fixing Cloud Security with AWS Lambda

What is confidential computing? Explained for 2024

The Evolution of Infrastructure as Code so far - 2024 Edition

What is AI-SPM?

Creating Effective Sigma Rules with AI

What is the future of security operations with AI in 2024?

Cloud Native Security Strategies for 2024

Real-World Cloud Security Challenges and Solutions Explained for 2024

Why Least Privilege Matters in Cloud Security?

How is Kubernetes Network Security Evolving?

The Future of Software Development with AI

The role of Real Time Defense in Cloud Security

CISO's guide to embracing risk in business

Why Email Breaches Still Happen?

Essential Strategies to master Incident Response in Cloud

From Code Suggestions to Security

Cloud Security Operations for Modern Threats

Understanding Threat Modeling in Cloud

Balancing Efficiency & Security: AI’s Transformation of Legal Data Analysis

Sidecar Container Vulnerability in Kubernetes explained

Role of application security posture management in cybersecurity

Cybersecurity Best Practices and Password Security in Cloud and AI

Multicloud strategy for AWS and GCP

AI's Role in Security Efficiency - Kubernetes Edition

Build an Effective AWS Cloud Security Program in 2024

Offensive Cloud Security Program for 2024

Understand Your Cloud Security Landscape to cut through the noise!

Kubernetes Security Trends 2024 | Software Supply Chain Security, Zero Trust and AI

Kubernetes Network Security for Multi Tenancy

AWS reInvent 2023 - Security highlights and announcements

eBPF - Kubernetes Network Security without the Blind Sides!

Attack Path Analysis for Better Kubernetes Security