Anton Chuvakin
Cloud Security Podcast by Google
Cloud Security Podcast by Google focuses on security in the cloud, delivering security from the cloud, and all things at the intersection of security and cloud. Of course, we will also cover what we are doing in Google Cloud to help keep our users' data safe and workloads secure. We're going to do our best to avoid security theater, and cut to the heart of real security questions and issues. Expect us to question threat models and ask if something is done for the data subject's benefit or just for organizational benefit. We hope you'll join us if you're interested in where technology overlaps...
Author
Anton Chuvakin
Category
Podcast website
Latest episode
Jul 6, 2026
Where to listen?
Podcasts in the app Replaio Radio Coming soonPodcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts
Episodes
EP284 Closest Alligator to the Canoe: How Transforming SOC Became P0 for Lloyds Bank 29.06.2026 25:35
https://cloud.google.com/blog/products/identity-security/cloud-ciso-perspectives-how-cisos-can-pursue-technical-and-cultural-resilience-q-a?e=48754805
EP279 Native Cloud Security: Is 'Good Enough' Actually Winning? 25.05.2026 29:02
Guests: Gal Ordo , Co-founder & CPO @ Native Topics: In Episode 186 , we debated 'Native vs. Third-Party' as a binary choice. Native seems to be a third-party vendor whose entire existence depends on the belief that cloud-native controls are superior. Does your platform validate the 'Cloud Provider' side of the debate (that their controls are enough), or does the fact that you exist prove the...
EP278 The Agentic SOC: Are We Measuring Time Saved or Risk Reduced? 18.05.2026 27:54
Guest: Matt Gregson , Principal - PwC Cyber Security Topics: What is the state of the art of "agentic SOC" in 2026? Can you describe the most agentic SOC you've seen so far? In your experience, what are the main measurable benefits of AI agents in a SOC and IR? Imagine a 2030 SOC, what do humans do? Tell us more about how you judge if a client SOC is ready for AI and agents? What is the "Ouch" mom...
EP277: CISO as CFO, From Citi to Celery, It's All about the Cabbage 13.05.2026 25:13
Guest: Arvin Bansal , CISO, C&S Wholesale Grocers Topics: Most people do not associate grocery wholesale and retail with cutting edge technology and threat models. Can you produce the receipts for why this isn't a story of dry goods but rather a very meaty topic with beefy adversaries? How are you as the CISO enabling C&S's journey into AI and LLM driven work? Securing AI is a bit harder than sec...
EP276 AI Governance vs. The Hyper-Velocity Agentic Future: A Lawyer's Take 11.05.2026 36:00
Episode co-host: Marina Kaganovich , Enterprise Trust Lead, Office of the CISO, Google Cloud Guest: James Sherer, Partner at BakerHostetler Topics Is AI just an emerging technology or something bigger, deeper and different? Is this another emerging technology or a fundamental shift? How to effectively govern something that is rapidly changing at unprecedented velocity? We navigated the gover...
EP275 Google Cloud Next 2026: The AI Earthquake, "SOC-home" Syndrome, and the Ragged Edge of Reality 04.05.2026 20:23
Guests: No guests Topics: So what have we seen at Google Cloud Next 2026 ? Any closing loops for our 2023-2025 Cloud Next observations? We are seeing that AI security is not an island ... what does that tell us about the difference between cloud and AI adoption? What does "ragged edge of AI adoption" mean for security? Why do people want agents in their SOC? Do they know what gets better? What...
EP274 AI, Zero Trust and Secure by Design Walk into a Bar... 27.04.2026 29:37
Guest: Grant Dasher, ex-CISA, ex-Google, Distinguished Engineer, Google (again) Topics: Why is the "Secure-by-Design" movement gaining so much momentum now, and is it a response to the failure of "bolted-on" security, or just a natural evolution of cloud maturity? In a future Secure-by-Design world, is identity the only perimeter that actually matters anymore? Or is this a cliche? As we move towa...
EP273 From CISA to Cloud: AI Assurance, Concentration Risk, and the New Regulatory Frontier 20.04.2026 29:28
Guest: Jeanette Manfra , VP, Head of Risk and Compliance, Google Cloud Topics: How does "outsourcing" security to the cloud change the intensity of the security vs. privacy struggle for a CISO? Does the centralization of cloud make it a bigger target for regulators, or is there a dimension we're missing? Does the Shared Responsibility Model actually survive contact with regulators, and how does AI...
EP272 More Than Just Packets: Is NDR a "First-Class" Cloud Security Control? 13.04.2026 34:11
Guest: Raja Mukerji , Co-Founder & Chief Scientist, Extrahop Rafal Los , VP of Client Relations and Strategic Initiatives, Extrahop Topics: Is Network Detection and Response (NDR) coming back after being shoved to the side by EDR a bit? Is this for real? What's the value proposition of NDR in 2026, because some people still don't understand it? How does NDR apply to the world of WFH, cloud/SaaS, e...
EP271 Can AI-Native MDR Actually Fix Your Broken SOC Workflows or Just Automate the Mess? 09.04.2026 27:29
Guests: Eric Foster , CEO, Tenex. AI Bashar Abouseido , President, Tenex. AI Topics: "10X SOC" sounds great. But for an organization stuck in "SIEM 1.0" with poor data quality and manual workflows, is "AI-native MDR" a "leapfrog" opportunity or a recipe for disaster? We've seen the rise of "Decoupled SIEM" and security data lakes. Does a "Modern SIEM" even need to exist if an MDR platform has an...
EP270 The Convenience Tax: Why We Keep Failing at Supply Chain Security 06.04.2026 27:23
Guest: Dan Lorenc , Founder / CEO, Chainguard Topics: We just saw a security tool (Trivy) get used to pop an AI infrastructure tool (LiteLLM) to eventually pop end users. Have we reached the point where our security tooling is actually our largest unmanaged attack surface? Why now? Software supply chain security had the perennial vibe of "not top concern" for most organizations, right? TeamPCP pu...
EP269 Reflections on RSA 2026 - Beyond AI AI AI AI AI AI AI 30.03.2026 33:26
Guests: No guests! Just Tim and Anton Topics: Hard to believe we've been doing these since 2022, is that right? What did we see this year at RSA, apart from AI? And more AI? And more AI? What framework can we use to understand the approaches vendors take to AI and security? Just saying "AI washing" is not enough! How to tell "AI washer" from "AI tourist"? I sense that "securing AI" (and agents) i...
EP268 Weaponizing the Administrative Fabric: Cloud Identity and SaaS Compromise in M Trends 2026 23.03.2026 33:49
Guests: Kelli Vanderlee , Senior Manager, Threat Analysis, Mandiant, Google Cloud Scott Runnels , Mandiant Incident Response, Google Cloud Topics: Do we need to rethink "Mean Time to Respond" entirely, or are we just in deep trouble? Why are threat groups collaborating so well, and are there actual lessons for defenders in their "business" model? What is the scalable advice for teams worried abo...
EP267 AI SOC or AI in a SOC? Cutting Through Hype, Pricing Models, and SIEM Detection Efficacy with Raffy Marty 16.03.2026 35:36
Guest: Raffael Marty , Operating Advisor, a SIEM legend since 1999 Topics: You argue that declaring existing SIEM being obsolete is a "marketing slogan" rather than a true thesis. What is the real pain point and the actual gap in traditional SIEMs as opposed to the more sensational claims? You highlight that "correlation, state, timelines, and real-time detection require locality," making centrali...
EP266 Resetting the SOC for Code War: Allie Mellen on Detecting State Actors vs. Doing the Basics 09.03.2026 33:24
Guest: Allie Mellen , Principal Analyst @ Forrester , author of "Code War: How Nations Hack, Spy, and Shape the Digital Battlefield" Topics: Your book focuses on the US, China, and Russia. When you were planning the book did you also want to cover players like Israel, Iran, and North Korea? Most of our listeners are migrating to or operating heavily in the cloud. As nations refine their "digital b...
EP265 Beyond Shadow IT: Unsanctioned AI Agents Don't Just Talk, They Act! 02.03.2026 28:54
Guest: Alastair Paterson , CEO and co-founder @ Harmonic Security Topics: Harmonic Security focuses on securing generative AI in use. Can you walk us through a real, anonymized example of a data leak caused by employee AI usage that your platform has identified? AI governance gets thrown around a lot. What does this mean in the context of Shadow AI? How should organizations be thinking about gover...
EP264 Measuring Your (Agentic) SOC: Two Security Leaders Walk into a Podcast 23.02.2026 34:17
Guests: Alexander Pabst , Global Deputy CISO, Allianz SE Michael Sinno , Director of D&R, Google Topics: We've spent decades obsessed with MTTD (Mean Time to Detect) and MTTR (Mean Time to Respond). As AI agents begin to handle the bulk of triage at machine speed, do these metrics become "vanity metrics"? If an AI resolves an alert in seconds, does measuring the "mean" still tell us anything abou...
EP263 SOC Refurbishing: Why New Tools Won't Fix Broken Processes (Even With AI) 16.02.2026 32:34
Guest: Daniel Lyman , VP of Threat Detection and Response, Fiserv Topics: What is the right way for people to bridge the gap and translate executive dreams and board goals into the reality of life on the ground? How do we talk to people who think they have "transformed" their SOC simply by buying a better, shinier product (like a modern SIEM) while leaving their old processes intact? What are the...
EP262 Freedom, Responsibility, and the Federated Guardrails: A New Model for Modern Security 09.02.2026 28:57
Guest: Alex Shulman-Peleg , Global CISO at Kraken Topics: You mentioned that centralized security can't work anymore. Can you elaborate on the key changes—driven by cloud, SaaS, and AI—that have made this traditional model unsustainable for a modern organization? Why do some persist at centralized, top down approach to security, despite that? What do you mean by "Freedom, Responsibility and dist...
EP261 No More Aspiration: Scaling a Modern SOC with Real AI Agents 02.02.2026 28:56
Guest: Dennis Chow , Director of Detection Engineering at UKG Topics: We ended our season talking about the AI apocalypse . In your opinion, are we living in the world that the guests describe in their apocalypse paper ? Do you think AI-powered attacks are really here, and if so, what is your plan to respond? Is it faster patching? Better D&R? Something else altogether? Your team has a hybrid...
Similar podcasts
Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.