Episode 17 of the podcast covers different uses of threat intelligence to protect against platform abuse and application security with Kris Lahiri, Chief of Security at Egnyte.
Outline:
- (00:45) Intro
- (01:09) Q1: File sharing companies have a heavy attack surface not only from cyber actors trying to infiltrate their network perimeter, but also using the platform itself to store illicit information they steal. How do you defend against all these threats and how do you prioritize?
- (09:55) Q2: As a medium size business, how do you prioritize threat intelligence that shows vulnerabilities against your tech stack?
- (14:37) Q3: There’s been a lot of talk about the shared responsibility model, particularly after the Capital One incident, what are your thoughts on shared responsibility? What is Egnyte responsible for and what are your clients responsible for in regards to security?
- (20:18) Q4: Does attribution matter? If so, no organization is going to be able to devote resources to attributing all attempted threat activity, where do you draw the line? Which types of attacks or actors are you willing to make that investment on and why?
- (23:33) Q5: Many say that modern day application development does not take into consideration or prioritize security controls. What approach and strategy did you take to bake in security controls when building Egnyte?