New Cloud Security Podcast Video Featuring Zest Security CEO Sneer
🎬 NEW VIDEO FROM @CloudSecurityPodcast
In this video, the Cloud Security podcast welcomes Sneer, the CEO and co-founder of Zest Security, to discuss the use of artificial intelligence (AI) in cloud security. Sneer shares his professional journey, which includes roles as CSO at Cider and Veronis, as well as his experience in offensive security research. He also addresses the definition of cloud security in 2025, emphasizing the importance of visibility and understanding of cloud assets.
Sneer explains that cloud security is complex and involves several components, including native configuration and best practices for posture, third-party applications, and deployment processes. He notes that the detection of security issues is already well-mastered, but resolving these issues remains a major challenge. Security teams spend a lot of time sorting and manually resolving vulnerabilities and misconfigurations, which can take weeks or months.
One of the key points of the discussion is the use of AI to improve vulnerability management. Sneer explains that AI can help prioritize vulnerabilities based on the specific context of the environment, rather than relying solely on generic risk scores. He introduces the idea of "Google Maps for vulnerability management," where AI can determine the best path to efficiently resolve a large number of security issues.
Sneer uses an interesting analogy to illustrate this point: if you need to transport a group of people from a wedding to another location, you must first determine the appropriate vehicle (car, bus, plane) before planning the route. Similarly, in cloud security, it is crucial to understand the available tools and processes to optimally resolve issues.
He also highlights that AI can perform recursive analyses, which are difficult for the human mind. For example, AI can simulate the impact of a package update on the entire set of vulnerabilities, allowing for the selection of the most effective solution. However, he acknowledges that AI is not yet capable of completely replacing ticketing systems and human processes due to the variability of organizational environments.
Sneer also discusses the challenges of building an AI solution for cloud security. He explains that this requires experts in various types of language models (LLM) and continuous maintenance to adapt to the rapid evolution of technology. He emphasizes the importance of building a flexible infrastructure that allows for the replacement or updating of AI models without disrupting operations.
Finally, Sneer shares some advice for CISOs on how to distinguish genuine AI solutions from mere marketing hype. He recommends asking specific questions about the use of AI and requesting concrete examples of non-deterministic problems that AI can solve.
To learn more about Zest Security and Sneer's work, you can visit their website or follow them on LinkedIn.