Fred Bret-Mounet, CISO at Clarify Health Solutions, reminisces about negotiating a 25% salary increase and still being drastically underpaid, eating pasta every day, and learning that security can't just be focused on building Fort Knox.About F

Nate Lee: Building a GenAI Security App for Fun (and No Profit)

Dec 11th, 2023 50m 38s

Nate Lee, CISO at Tradeshift, talks about creating cloud security capabilities, working with engineering, and how he built a GenAI security question answering bot.About Nate:Nate is currently CISO at Tradeshift, a B2B SaaS platform where he bui

Steve Tran: Hacker, Magician, Police Officer, and CISO

Nov 27th, 2023 50m 20s

Steve Tran, CISO at the Democratic National Committee (DNC), opens up about his personal challenges, finding his path through hacking and magic, and his passion for helping the next generation.ABOUT STEVE: Steve is the Chief Security Officer fo

Deneen DeFiore: Being a Business Focused CISO, CIO, and Board Member

Nov 20th, 2023 41m 16s

Deneen DeFiore, CISO at United Airlines, talks about how she got into security, taking a new CISO role at the start of COVID, what makes a mature business oriented security program, and what CISOs need to know before considering board level opp

Kapil Assudani: Cloud, AI, and Reducing the Attack Surface

Nov 13th, 2023 52m 13s

Kapil Assudani, CISO at Edwards Lifesciences, shares how he was one payment away from getting kicked out of his Masters program, being resilient and resourceful, building credibility, and finding ways to reduce the attack surface.About Kapil: K

Mike Melo: The Case for DSPM vs. CSPM

Nov 6th, 2023 46m 21s

Mike Melo, CISO and head of technology at LifeLabs, talks about his approach to innovation and insights on leading cloud security tools.About Mike Melo: "Heavily focused on people and integrity-led progression, Mike Melo is a Senior IT Executiv

Jadee Hanson: Balancing CISO, CIO, and Product Leadership

Oct 30th, 2023 50m 38s

Jadee Hanson, CISO and CIO at Code42, shares how even as a kid she knew cybersecurity was her calling and how that led to CISO, CIO, and product leadership responsibilities.About Jadee Hanson: As chief information security officer and chief inf

Brett Cumming: Saying Yes Led to a Career in Cybersecurity

Oct 23rd, 2023 47m 5s

Brett Cumming, head of security at Skechers, shares how his sister inadvertently got him into cybersecurity and how saying yes to everything laid the foundation for a career in cyber.About Brett: Brett Cumming is a transformative leader who bui

Bernard Brantley: Cutting Edge Cloud Thinking and Team Building

Oct 16th, 2023 47m 1s

Bernard Brantley, CISO at Corelight, outlines his vision of modern security and cloud capabilities based on his experience at companies like Microsoft and Amazon, tying together security and business objectives.ABOUT BERNARD:Bernard Brantley is

Rinki Sethi: From Analyst to CISO and Board Member

Oct 16th, 2023 41m 20s

Rinki Sethit, CISO at BILL, discusses her journey in cybersecurity from roles at early cloud adopters like Intuit and Twitter to security vendors like Palo Alto Networks and ultimately to board roles at companies like ForgeRock.ABOUT RINKI: VP

The Cloud Ace Season 2 Trailer

Oct 16th, 2023 46s

Cloud Ace is back for season 2, featuring both new guests and a new host. Frank Kim, a SANS Fellow and CISO-in-Residence at YL Ventures, will sit in as host this season as a wide range of guests join him in exploring the full gamut of cloud top

Ashish Rajan: Developer-First Security with CASB, CIEM, CNAPP, CSPM, and CWPP

Dec 7th, 2022 53m 59s

Brandon Evans and fellow cloud security podcaster Ashish Rajan, host of the Cloud Security Podcast and Principal Cloud Security Advocate for Snyk, chat about developer-first security, multicloud abstraction layers, cybersecurity conferences, an

Marqueze "Q" Sawyers: Fail First, Fast, and Safely in Cloud Engineering

Nov 30th, 2022 55m 3s

Brandon Evans reconnects with former co-worker Marqueze “Q” Sawyers, a Senior Manager of Software Engineering at Asurion, as they chat about moving fast while failing safely while developing cloud-based applications, using tools like GitHub act

Ahmed AbuGharbia: Upskilling your Security Teammates for Cloud and DevSecOps

Nov 23rd, 2022 51m 48s

Brandon Evans meets with Ahmed AbuGharbia, a Security Manager and Consultant at Sirius Computer Solutions as well as a Certified Instructor Candidate for SANS SEC540: Cloud Security and DevSecOps Automation, to discuss reskilling traditional se

Jabez Abraham: Creating a Cloud Security Enterprise Architecture Strategy for Global Organizations

Nov 16th, 2022 44m 21s

Jabez Abraham, Senior Cyber Security Cloud Architect at Paige, meets with his former co-worker Brandon Evans to discuss how cloud native security capabilities can eliminate complexity while applying consistent security controls for organization

Stacy Dunn: Creative Problem Solving in Cloud Security and the Software Development Lifecycle

Nov 9th, 2022 37m 19s

Stacy Dunn, CISO Dojo podcast Co-Host, OWASP Chapter Co-Leader, SANS Senior Solutions Engineer, and former engineer for Check Point and Snyk, chats with Brandon Evans about the Software Development Lifecycle in the cloud, supply-chain security

Joshua Makinen: Building and Breaking Secure DevOps

Nov 2nd, 2022 42m 4s

Brandon Evans reunites with his former co-worker, Josh, a Senior Security Architect at Snowflake, as they discuss how to build security into DevOps organizations and how he was able to identify vulnerabilities in cloud DevOps tooling.Our Guest

Lysandra Capella: Leading Secure Cloud Transformation at Large Financial Institutions

Oct 26th, 2022 49m 53s

Brandon Evans talks about building a Cloud Adoption Roadmap with Lysandra Capella, a manager at one of the largest financial institutions in the Dutch Caribbean and a SANS superstar (23 GIAC certs!)Our Guest - Lysandra CapellaAs a Banking profe

Aaron Hutson: Breaking into Cloud Security as a SysAdmin

Oct 19th, 2022 41m 43s

Aaron Hutson walks Brandon Evans through his journey from being an on-prem SysAdmin and cloud skeptic to a cloud security student, consultant, and educator who has worked on the Defense Information Systems Agency (DISA) Secure Cloud Computing A

John Alves: Exploring Microsoft Azure Security Platforms and Capabilities

Oct 12th, 2022 42m 11s

Brandon Evans is joined by John Alves of CyberOne, who is also an up-and-coming instructor for SANS SEC510: Public Cloud Security: AWS, Azure, and GCP, to take a deep-dive into Microsoft Azure security platforms, creating cloud security learnin

Panel Discussion: Cloud Identity and Access Management

Oct 5th, 2022 59m 13s

This episode features a panel of three of the top Cloud Identity and Access Management experts in the world. Kat Traxler, Karl Fosaaen, and Kyler Middleton are incredibly knowledgable about how IAM works in all three cloud providers, but Kyler

Anton Chuvakin: Remapping Mental Models in IT, Security, and Compliance for the Cloud

Oct 5th, 2022 49m 53s

Dr. Anton Chuvakin and Brandon Evans discuss why some organizations desperately try to follow the on-premises blueprint when securing the cloud, how to prevent Compliance from getting in the way of the evolution of IT Security, and what Anton i

Frank Kim: Navigating the Cloud Security Journey for Individual Contributors and Business Leaders

Oct 5th, 2022 43m

Frank Kim, the Lead for the SANS Cloud Security and Security Leadership curriculums, joins Brandon Evans to discuss how these areas intersect, the role cloud technologies and vendors play in the People, Process, and Technology Framework, why de

Introducing SANS Cloud Ace

Sep 23rd, 2022 1m 34s

Welcome to the SANS Cloud Ace podcast. Our exciting podcast season 1 will be hosted by Brandon Evans, a SANS instructor and co-author of SEC510: Public Cloud Security: AWS, Azure, and GCP. We'll cover applicable information to use right away

Rate