🎙️ Episode: Identity Governance and PAM – From Access to Oversight

In this episode of the Deep Dive Series by Sec Oops, powered by Cyber View Point, we move beyond the basic "username and password" to explore Identity as the New Perimeter.

We dissect the "Identity Explosion"—the shift from managing a few hundred employees to governing thousands of human and machine identities, from API keys to RPA bots. The team breaks down the IGA Lifecycle (Joiner, Mover, Leaver), explaining how to automate the "digital census" and stop "permission creep" before it turns an internal account into an attacker’s playground.

The conversation then shifts to the high-stakes world of Privileged Access Management (PAM). We challenge the dangerous status quo of "Always-On" administrative rights and introduce the "Gold Standard" of modern defense: Zero Standing Privilege (ZSP) and Just-in-Time (JIT) access. Learn why the most secure administrative account is the one that doesn't actually exist until the moment it's needed.

Finally, we look at the Identity Attack Surface, discussing the rise of Identity Threat Detection and Response (ITDR). We explore why it is now officially easier for an adversary to "log in" than to "hack in," and how to build a resilient, identity-centric architecture that assumes breach at the credential level.

👉 Tune in to learn how to bridge the gap between "Active Directory" and "Zero Trust," ensuring your organization’s most powerful accounts are never left out in the cold.

🎙️ Episode: Data Loss Prevention and Privacy Engineering – From Design to Operations

In this episode of the Deep Dive Series by Sec Oops, powered by Cyber View Point, we move beyond the legal "fine print" to explore Privacy as a core Engineering Discipline.

We explore why "Legacy DLP" is failing in the modern cloud and introduce the concept of Data Lineage — the ability to track the story of your data from the moment it’s created. The team breaks down the three technical pillars of privacy: Predictability, Manageability, and Disassociability, explaining how they form the foundation of any dependable system.

We also get into the "math of privacy," discussing the limitations of traditional anonymization and the rise of Differential Privacy and Federated Learning. Finally, we look at the Engineer’s Runbook: practical strategies for automating DSARs and data deletion across complex, distributed architectures.

👉 Tune in to learn how to bridge the gap between "Privacy Policy" and "Privacy Code," ensuring your systems are built for both security and trust.

🎙️ Episode: Container and Kubernetes Security – Securing DevOps Environments

In this episode of the Deep Dive Series by Sec Oops, powered by Cyber View Point, hosts Ben, Moiz, and Sneh strip away the abstraction layers to expose the engine room of modern infrastructure: Containers and Kubernetes.

We debunk the myth of the "secure sandbox" by breaking down the Linux primitives — Namespaces and Cgroups — that actually power containers, revealing why "root in a container is root on the host." This episode dissects the 4C's of Cloud Native Security (Cloud, Cluster, Container, and Code), providing a comprehensive strategy for hardening the Kubernetes API server and killing the dangerous "cluster-admin" default mindset.

You’ll also hear insights on securing the software supply chain, solving the "garbage in, garbage out" problem by implementing image scanning and signing within your CI/CD pipelines. We explore the cultural shift of DevSecOps and how to bridge the gap between speed and security.

👉 Tune in to learn how to architect a defense-in-depth strategy for K8s, from implementing Network Policies and RBAC to detecting runtime threats—ensuring your orchestrator is as resilient as the applications it runs.