Cloud Security Risks: Exploring the latest Threat Landscape Report

Поделиться
HTML-код
  • Опубликовано: 22 дек 2024

Комментарии • 53

  • @AlessandroSqueo
    @AlessandroSqueo Месяц назад +3

    How do you project the glass board? That is very interesting. Writing in reverse?

  • @Ninj4-b3r
    @Ninj4-b3r 2 месяца назад +10

    Something that wasn’t discussed here was that BEC attacks often use AITM techniques to steal sessions bypassing MFA and how to protect against it

  • @nelsonmatembissa5771
    @nelsonmatembissa5771 2 месяца назад +5

    Always glad to see a new upload. Once again a great video! Thanks!

    • @jeffcrume
      @jeffcrume 2 месяца назад +2

      Thanks so much!

  • @jervahnmorgan
    @jervahnmorgan 2 месяца назад +4

    Good job, thank you. Please keep the videos coming.

  • @mneiferbag
    @mneiferbag 2 месяца назад +10

    Hhm, nice video, but it only mentions "cloud" in the first second and in the last seconds. XSS and credentials vulnerabilities are not cloud security risks. You could have these vulnerabilities with a single web server too. With this video title, I would have expected some more cloudy...

    • @RC19786
      @RC19786 8 дней назад

      its basically an excuse for IBM to "shine" on its X-Force platform, nothing new

    • @humptyslick
      @humptyslick 3 дня назад

      Gmail is your Google cloud access, some also use it as an alternate verification addy to their device, YT and playstore etc

  • @tbadi-Tonny
    @tbadi-Tonny 2 месяца назад +9

    Simple and straightforward

    • @jeffcrume
      @jeffcrume 2 месяца назад +1

      Glad you liked it!

  • @naridabanucio2828
    @naridabanucio2828 2 месяца назад +3

    Excellent lesson, short, comprehensive an clear.

  • @martinlastname8548
    @martinlastname8548 2 месяца назад +5

    What a great explanation of XSS

    • @jeffcrume
      @jeffcrume 2 месяца назад +1

      Glad you liked it. I have another video coming up that goes a little deeper into XSS exclusively

  • @harsimarkandhari4045
    @harsimarkandhari4045 2 месяца назад +1

    Thanks a lot, I was just checking out the X Force Cloud Threat Landscape Report and it is great to have such a wonderful explanation for it !!

    • @jeffcrume
      @jeffcrume 2 месяца назад

      I’m glad you liked it!

  • @livinglikeahuman7918
    @livinglikeahuman7918 2 месяца назад +1

    Currently learning cybersec and definitely interested in the cloud and cloud engineering. Wish me luck ive heard its competitive 😅

  • @fransmurati2370
    @fransmurati2370 7 дней назад +1

    Could a security box between your computer and the web not help to solve these security, it must not be part of your computer, it is a computer by itself, that can use all known security systems to control the threats, it hides your computer identy and only generates an access code before it enters the intended adress, etc.

    • @jeffcrume
      @jeffcrume 21 час назад

      What you are describing is similar to SASE. It can address some but not all threats

  • @dofilamingo8848
    @dofilamingo8848 2 месяца назад +1

    amazing video as usual

  • @robertfoertsch
    @robertfoertsch 2 месяца назад +3

    Excellent Analysis, Deployed Worldwide Through My Deep Learning AI Research Library.
    Thank You ❤

  • @Seansaighdeoir
    @Seansaighdeoir 2 месяца назад +2

    Nothing about the biggest security risk of all of putting your companies personal data into an entity you are forced to trust and who you have no control over - the big tech cloud drivers like MS Azure, Google, AWS and of course IBM.

  • @BSECAEnerggy
    @BSECAEnerggy Месяц назад +1

    Facts!

  • @gersonbarrientos1580
    @gersonbarrientos1580 2 месяца назад +1

    Very good! I love this video

  • @carsonjamesiv2512
    @carsonjamesiv2512 2 месяца назад +1

    GOOD EXPLANATION!😃👍🎉

  • @tharukapavith8195
    @tharukapavith8195 2 месяца назад +1

    Very informative content!

  • @GeorgeBentes
    @GeorgeBentes Месяц назад +1

    Awesome tips! I'll take a look in this passkeys business

    • @jeffcrume
      @jeffcrume Месяц назад

      Sure! You might check out the two videos I did on FIDO passkeys here on the IBM Technology channel

    • @brendawilliams8062
      @brendawilliams8062 15 дней назад

      It appears it’s a job as he said. It doesn’t end

  • @JikeWimblik
    @JikeWimblik 2 месяца назад

    So how do you interpret the bot activity data with good bots like defending connection integrity and bad bots like stealth action bots for ransom ware for example. How could an os use good bot a activity to benefit os security. And less direct security issues with bots for example manipulating audience attraction getting in the way of users reaching better content more suited to what their looking for. It'd be nice to get emailed by a bot if your a system admin if a security flaw has been found. Maybe their should be a communications service for bots that keeps the security bods more informed of the current bot activity climate.

  • @AjaySingh-ey7gt
    @AjaySingh-ey7gt Месяц назад +1

    nice video

  • @sk3ffingtonai
    @sk3ffingtonai 2 месяца назад +1

    👍 Thank you for sharing.

    • @jeffcrume
      @jeffcrume 2 месяца назад

      Thanks for watching!

  • @BrandonSorenson-fb3gg
    @BrandonSorenson-fb3gg 2 месяца назад

    Jerry Bell is also an interesting person to listen to on security

  • @rmcgraw7943
    @rmcgraw7943 2 месяца назад

    Given that the mitigation techniques mentioned here have been around for decades, I would suggests that employee EDUCATION and a policy of least privilege to eliminate 95% of all attack vectors. All of what he discusses here is good, but the 2 above tactics are the 2 biggest ones.

  • @miguelcano6396
    @miguelcano6396 2 месяца назад +1

    Nice

  • @chancesire
    @chancesire 2 месяца назад +1

    🔥

  • @miraculixxs
    @miraculixxs 2 месяца назад

    Source for those 600bn$?

  • @miraculixxs
    @miraculixxs 2 месяца назад +1

    XSS: if some guy can insert links on your web page you have a lot of problems worse than XSS

  • @mr.RAND5584
    @mr.RAND5584 2 месяца назад

    htmlspecialchars😊

  • @velo1337
    @velo1337 2 месяца назад

    dont forget, cross side scripting is not always bad.

    • @gersonbarrientos1580
      @gersonbarrientos1580 2 месяца назад

      Wait what? What do you mean lol

    • @Thiago1337
      @Thiago1337 2 месяца назад

      @@gersonbarrientos1580 I think he means reflected xss without chaining it with other vulnerabilites

  • @Cysecsg
    @Cysecsg 2 месяца назад

    These are not cloud-specific risks

  • @VictorEstrada
    @VictorEstrada 2 месяца назад +10

    Sorry man, but all you talked about was just email phishing, nothing related to the title.

    • @oldones59
      @oldones59 2 месяца назад +4

      Stop whining. Look elsewhere and educate yourself.

  • @rn8923
    @rn8923 2 месяца назад

    First