You're listening to the CyberWire X a series of specials where we highlight important security topics affecting security professionals worldwide.

I'm Rick Howard, the chief security officer, chief analyst, and senior fellow at the CyberWire, and today's episode is titled

Zero Trust for Cloud Assets, Identity Authentication, and Authorization.

Applying Zero Trust Principles to access rights can be tricky.

Amazon's Lambda functions, Google's Cloud Functions, and Microsoft's Azure Functions

multiply the volume of identities to manage.

These cloud services often have excessive multiply the volume of identities to manage.

These cloud services often have excessive permissions to access sensitive data

and can become a potential entry point for an attacker.

In today's show, we will consider the pros and cons of different approaches to

enforcing least privileges in the cloud. A program note, each CyberWire X special

features two segments. In the first part of the show we will hear from industry experts on the topic at hand.

And in the second part we will hear from our show's sponsor for their point of view.

Here's a word from today's sponsor, SistIG. SISIG.

SISIG is driving the secure Devops movement, providing visibility and security, to confidently run containers,

Kubernetes, and the cloud. Modern cloud apps are built using continuous

integration slash continuous deployment or CICD for short and run as containerized micro services.

This generational ship creates opportunity to get security right by embedding policy into Dev-ops workflows.

Legacy tools can't see inside containers and slow application delivery.

What's needed is a container and a cloud security stack built on open source innovation

with deep and unified visibility across workloads and multi cloud infrastructure.

Run confidently with secure Devops by visiting

...