Risky Business Snake Oilers: Sandfly Security, Permiso and Wiz
Oct 1, 2024
This episode features insights from guests representing Sandfly Security, Permiso, and Wiz. Sandfly discusses their innovative agentless approach to securing Linux systems, tackling challenges like SSH key management. Permiso emphasizes machine learning in identity security, focusing on proactive measures to detect threats. Wiz explores cloud security vulnerabilities and the importance of integrating safety measures into coding practices. Together, they shed light on the evolving landscape of cybersecurity and its critical role in today's digital world.
AI Snips
Chapters
Transcript
Episode notes
Clean Up SSH Keys And Enforce Zones
- Audit authorized_keys and SSH private keys to locate stale or world-readable credentials and enforce key hygiene.
- Create SSH security zones and alert when unexpected keys appear on production systems.
Correlate Identity Across Layers
- Permiso builds an entity graph and an activity graph from identity control planes and correlates actions back to the originating identity.
- Inspecting aggregated sessions reduces alert noise and gives richer context for triage across SaaS, IaaS, and IDP layers.
Shared Roles Make Cloud Attribution Hard
- Machine-to-machine and vendor roles are easier to profile but shared roles complicate anomaly detection for humans.
- Accurately attributing cloud actions back to an individual user is non-trivial yet crucial for reliable alerts.