Something that wasn’t discussed here was that BEC attacks often use AITM techniques to steal sessions bypassing MFA and how to protect against it

How do you project the glass board? That is very interesting. Writing in reverse?

Hhm, nice video, but it only mentions "cloud" in the first second and in the last seconds. XSS and credentials vulnerabilities are not cloud security risks. You could have these vulnerabilities with a single web server too. With this video title, I would have expected some more cloudy...

Always glad to see a new upload. Once again a great video! Thanks!

Could a security box between your computer and the web not help to solve these security, it must not be part of your computer, it is a computer by itself, that can use all known security systems to control the threats, it hides your computer identy and only generates an access code before it enters the intended adress, etc.

Simple and straightforward

Good job, thank you. Please keep the videos coming.

Nothing about the biggest security risk of all of putting your companies personal data into an entity you are forced to trust and who you have no control over - the big tech cloud drivers like MS Azure, Google, AWS and of course IBM.

Excellent lesson, short, comprehensive an clear.

What a great explanation of XSS

amazing video as usual

Currently learning cybersec and definitely interested in the cloud and cloud engineering. Wish me luck ive heard its competitive 😅

nice video

Thanks a lot, I was just checking out the X Force Cloud Threat Landscape Report and it is great to have such a wonderful explanation for it !!

Very informative content!

Very good! I love this video

GOOD EXPLANATION!😃👍🎉

Awesome tips! I'll take a look in this passkeys business

👍 Thank you for sharing.

So how do you interpret the bot activity data with good bots like defending connection integrity and bad bots like stealth action bots for ransom ware for example. How could an os use good bot a activity to benefit os security. And less direct security issues with bots for example manipulating audience attraction getting in the way of users reaching better content more suited to what their looking for. It'd be nice to get emailed by a bot if your a system admin if a security flaw has been found. Maybe their should be a communications service for bots that keeps the security bods more informed of the current bot activity climate.

Nice

Facts!

Jerry Bell is also an interesting person to listen to on security

Given that the mitigation techniques mentioned here have been around for decades, I would suggests that employee EDUCATION and a policy of least privilege to eliminate 95% of all attack vectors. All of what he discusses here is good, but the 2 above tactics are the 2 biggest ones.

Excellent Analysis, Deployed Worldwide Through My Deep Learning AI Research Library. Thank You ❤

XSS: if some guy can insert links on your web page you have a lot of problems worse than XSS

Source for those 600bn$?

🔥

These are not cloud-specific risks

dont forget, cross side scripting is not always bad.

htmlspecialchars😊

Sorry man, but all you talked about was just email phishing, nothing related to the title.

First