Cloud Security Podcast by Google

Anton Chuvakin
Mar 23, 2026 • 34min

EP268 Weaponizing the Administrative Fabric: Cloud Identity and SaaS Compromise in M Trends 2026

Scott Runnels, Mandiant incident responder with hands-on IR experience, and Kelli Vanderlee, senior threat analyst at Mandiant, discuss identity as the new perimeter and how attackers weaponize admin fabrics. They cover rapid attacker collaboration, identity and SaaS compromise trends, voice phishing in the GenAI era, malicious open-source packages, malware using local AI, and practical detection and response strategies.
Mar 16, 2026 • 36min

EP267 AI SOC or AI in a SOC? Cutting Through Hype, Pricing Models, and SIEM Detection Efficacy with Raffy Marty

Raffael Marty, longtime SIEM expert and operating advisor, explains why calls to declare SIEM dead are marketing. He contrasts centralized vs federated architectures and why locality matters for real-time detection. He covers data pipelines turning SIEM into a swappable layer, the realities of AI in SOCs, pricing problems with volume-based models, and what truly measures detection engineering quality.
Mar 9, 2026 • 33min

EP266 Resetting the SOC for Code War: Allie Mellen on Detecting State Actors vs. Doing the Basics

Allie Mellen, principal analyst at Forrester and author of Code War, studies how nations use cyber tools for long-term strategy. She contrasts historical state doctrines and cloud limits, explains why mid-tier firms matter to nation-state campaigns, and explores AI’s role in making attacks faster and more dynamic. Short, urgent takeaways on resetting detection and keeping basic hygiene current.
Mar 2, 2026 • 29min

EP265 Beyond Shadow IT: Unsanctioned AI Agents Don't Just Talk, They Act!

Alastair Paterson, CEO and co-founder of Harmonic Security, pinpoints generative AI data leaks in enterprises. He recounts real leaks from employee AI use. He explores governance choices from bans to managed adoption. He explains why unsanctioned AI differs from past shadow IT and warns about agentic tools and citizen-built workflows.
Feb 23, 2026 • 34min

EP264 Measuring Your (Agentic) SOC: Two Security Leaders Walk into a Podcast

Michael Sinno, Director of Detection & Response at Google, leads engineering-led SOC practices. Alexander Pabst, Global Deputy CISO at Allianz, runs large-scale security operations and compliance. They debate whether time-based metrics still matter, unpack the Maturity Triangle and AI-driven automation, and explore measuring toil reduction, unit economics, auditability, and what boards actually care about.
Feb 16, 2026 • 33min

EP263 SOC Refurbishing: Why New Tools Won't Fix Broken Processes (Even With AI)

Daniel Lyman, VP of Threat Detection and Response at Fiserv, designs SOC processes and federated detection strategies. He discusses translating board goals into daily operations. He covers federated versus centralized SOC tradeoffs. He warns that swapping tools without changing processes is not transformation. He explores AI’s role in correlating telemetry and the value of application logs and containment metrics.
Feb 9, 2026 • 29min

EP262 Freedom, Responsibility, and the Federated Guardrails: A New Model for Modern Security

Alex Shulman-Peleg, Global CISO at Kraken and former Citibank/EY security leader, argues centralized security cannot keep up with cloud and AI-driven speed. He explains freedom paired with responsibility and distributed security ownership. He contrasts distributed versus federated control and calls for treating security as a core quality in engineering.
Feb 2, 2026 • 29min

EP261 No More Aspiration: Scaling a Modern SOC with Real AI Agents

Dennis Chow, Director of Detection Engineering at UKG, builds and runs detection and response systems and leads agentic AI work for SOC workflows. He discusses AI-powered attacks being real and detection-as-code responses. He defines hybrid AI agent pipelines, explains a seven-stage master control flow, and shares production uses like triage, containment, and payload analysis.
Jan 26, 2026 • 30min

EP260 The Agentic IAM Trainwreck: Why Your Bots Need Better Permissions Than Your Admins

Vishwas Manral, CEO of Precize.ai and author on agentic AI risks, brings networking and security protocol experience. He explains how agents act as runtime app logic and why IAM for agents is uniquely tricky. The conversation covers early risk guidance, constraining agent permissions, shared responsibility across providers, and emerging AI-on-AI threats.
Jan 19, 2026 • 34min

EP259 Why DeepMind Built a Security LLM Sec-Gemini and How It Beats the Generalists

Elie Bursztein, a Distinguished Scientist at Google DeepMind, dives into the revolutionary Sec-Gemini, an AI tailored for cybersecurity. They discuss how it utilizes real-time data to enhance defensive measures and how it outperforms general AI in tasks like digital forensics and penetration testing. Elie shares insights on the motivations behind developing specialized AI for security, the challenges of deploying patches, and the unexpected use cases that emerged from testers. Tune in to discover how this innovative approach is redefining cyber defense!
