
EP268 Weaponizing the Administrative Fabric: Cloud Identity and SaaS Compromise in M Trends 2026
From Cloud Security Podcast by Google by Anton Chuvakin
March 23, 2026 · 34 min · Season 1 · Episode 268
About this episode
The episode discusses the evolving landscape of cloud security threats and the implications of identity and SaaS compromises.
Guests: Kelli Vanderlee , Senior Manager, Threat Analysis, Mandiant, Google Cloud Scott Runnels , Mandiant Incident Response, Google Cloud Topics: Do we need to rethink "Mean Time to Respond" entirely, or are we just in deep trouble? Why are threat groups collaborating so well, and are there actual lessons for defenders in their "business" model? What is the scalable advice for teams worried about voice phishing and GenAI cloning? What does "weaponizing the administrative fabric" actually mean in a world where identity is the perimeter? Why is identity/SaaS compromise "news" in 2026 when cloud security folks have been shouting about it for years? What actually changed? What's the latest in supply chain compromise, particularly regarding malicious open-source packages? How do we defend against malware that is "lazy" enough to use the victim's own AI tools for reconnaissance? What is the specific advice for Detection and Response (D&R) teams to handle "living off the land" (or "living off the cloud")? How do you fix the situation when IT and Security departments genuinely hate each other? Besides reading the report , what is the one book or piece of advice for a CISO to survive…
People in this episode
Host: Anton Chuvakin
Guests: Kelli Vanderlee, Scott Runnels
Topics covered
- Cloud Identity
- SaaS Compromise
- Threat Analysis
- Voice Phishing
- GenAI Cloning
- Supply Chain Compromise
- Detection and Response
Keywords
- cloud security
- identity compromise
- SaaS
- threat groups
- voice phishing
- GenAI
- supply chain
- malware
- Detection and Response
Mentioned in this episode
Organizations: Mandiant, Google Cloud
Books & works: M-Trends 2026 Report, EP222 From Post-IR Lessons to Proactive Security: Deconstructing Mandiant M-Trends, EP254 Escaping 1990s Vulnerability Management: From Unauthenticated Scans to AI-Driven Mitigation, EP205 Cybersecurity Forecast 2025: Beyond the Hype and into the Real
More episodes of Cloud Security Podcast by Google
- EP275 Google Cloud Next 2026: The AI Earthquake, "SOC-home" Syndrome, and the Ragged Edge of Reality · May 4, 2026 · 20 min
- EP274 AI, Zero Trust and Secure by Design Walk into a Bar... · April 27, 2026 · 30 min
- EP273 From CISA to Cloud: AI Assurance, Concentration Risk, and the New Regulatory Frontier · April 20, 2026 · 29 min
- EP272 More Than Just Packets: Is NDR a "First-Class" Cloud Security Control? · April 13, 2026 · 34 min
- EP271 Can AI-Native MDR Actually Fix Your Broken SOC Workflows or Just Automate the Mess? · April 9, 2026 · 27 min
- EP270 The Convenience Tax: Why We Keep Failing at Supply Chain Security · April 6, 2026 · 27 min
Explore listener stats, chart rankings, contacts and more on the Cloud Security Podcast by Google podcast page.