EPISODE 05 – Proactive Cloud Security: Mitigate Real Risks
Karl Fosaaen
VP of Research at NetSPI
Episode Details:
In this episode of the Hack Responsibly podcast, NetSPI VP of Research Karl Fosaaen connects with Thomas Elling, Director of Cloud Penetration Testing. They dive into cloud pentesting tips and common misconfigurations, discussing how attackers take advantage of these gaps.
Learn how threat actors link small configuration mistakes to create huge problems for your business. We also explore why constant, proactive testing is key to keeping your security program healthy and aligned with your business goals.
What You’ll Hack Away With
- How to spot cloud risks
- The danger of linked threats
- Real-world attack paths
- Building strong teams
About the Speakers
Host: Karl Fosaaen | VP, Research
As a VP of Research, Karl is part of a team developing new services and product offerings at NetSPI. Karl previously oversaw the Cloud Penetration Testing service lines at NetSPI and is one of the founding members of NetSPI’s Portland, OR team. Karl has a Bachelors of Computer Science from the University of Minnesota and has been in the security consulting industry for over 15 years. Karl spends most of his research time focusing on Azure security and contributing to the NetSPI blog. As part of this research, Karl created the MicroBurst toolkit (https://github.com/NetSPI/Microburst) to house many of the PowerShell tools that he uses for testing Azure. In 2021, Karl co-authored the book “Penetration Testing Azure for Ethical Hackers” with David Okeyode.
Guest: Thomas Elling | Director of Cloud Penetration Testing
As the Director of Cloud Pentesting at NetSPI, Thomas Elling has advised multiple Fortune 500 companies in the technology sector, specializing in web application and cloud security testing. In addition, he serves as a security researcher to continue advancing NetSPI’s assessment team with research and tool development. Thomas holds a BS in computer science from Columbia University with a focus on software development and security where he gained experience as an undergraduate researcher at the CU Network Security Lab.
Empower your strategic decisions with these additional resources:
- Service Overview: Cloud Pentesting
- Technical Insights: Hack Responsibly Blog
- Tools: NetSPI Open Source Tools
Find more episodes on YouTube or wherever you listen to podcasts.
Explore More Podcasts
EPISODE 04 – From Blue Team to Pentesting: Tools, Tales, and Techniques
In this episode, host Karl Fosaaen sits down with Paul Ryan, Senior Director of Application Security at NetSPI, to explore his journey in cybersecurity and his leadership in application pentesting. Paul shares how his career evolved from IT and blue team roles to becoming a key figure in application security at NetSPI.
EPISODE 03 – The Hidden Risk in Legacy Infrastructure
In this episode of the Hack Responsibly podcast, NetSPI VP of Research Karl Fosaaen connects with Phil Young, NetSPI Director of Mainframe Pentesting. Known in the industry as "Soldier of Fortran," Phil is a leading authority on mainframe security.
EPISODE 02 – Securing the AI Frontier
In this episode of the Hack Responsibly podcast, NetSPI VP of Research Karl Fosaaen speaks with Kim Wiles, Director of AI Penetration Testing, about the unique security challenges posed by emerging AI technologies.