D2DO250: The Realities of Responsible Disclosure in the Cloud
Day Two DevOps
Ned Bellavance and I on Day Two DevOps host brilliant and effusive engineers who share their lessons learned from large, impactful projects. Come soak up all the hard lessons they learned through building big stuff (and sometimes destroying big stuff), all for the low low cost of totally free.
Summary
Cloud security and responsible disclosure are the focus of today’s conversation with guest Kat Traxler. Kat shares her insights on identifying vulnerabilities in cloud services, particularly Google Cloud, and the importance of curiosity in her research. The episode explores the role of bug bounty programs and the shift towards issuing CVEs for cloud vulnerabilities. Lastly, Kat offers advice for aspiring security researchers, emphasizing the need for foundational knowledge in system building and coding.
Episode Guest: Kat Traxler, Principal Security Researcher – Public Cloud, Vectra AI
Kat Traxler is a Security Professional based in the Twin Cities, as Principal Security Researcher – Public Cloud at Vectra AI. She specializes in cloud research and security architecture design, focusing on public cloud, container orchestration systems, and IAM platforms. Her background includes roles in penetration testing targeting web applications and cryptographic infrastructure. Kat has worked professionally in cloud security research for informing detection efforts, engineering detective controls to intercept attacker behavior within the cloud control-plane.
Listen Now!
Head over to Packet Pushers to listen to the podcast. It’s available on Apple Podcasts, Spotify, Overcast.FM, and pca.ST (basically anywhere that will take our podcasts).
Thanks all! Good luck out there.
kyler