Lars and Kabir Mathur, CEO of Leen, discuss the concept of unified APIs for security data, emphasizing the need for normalization and integration of various security tools.

Kabir explains how Leen differentiates itself by not only providing data connectors but also delivering data over an API, making it accessible for developers.

They explore the challenges of maintaining integrations in a rapidly changing security landscape, the importance of a security data fabric, and the evolving skill sets of security engineers.

Also touches on practical use cases for unified APIs and the technical stack behind Leen solutions.

Takeaways

• Unified APIs simplify the integration of multiple security tools.
• Normalization of data is crucial for effective security management.
• Leen focuses on delivering data over APIs for accessibility.
• The security landscape is fragmented with thousands of vendors.
• Collaboration with customers is key to determining tool integrations.
• The OCSF standard is becoming a norm for data normalization.
• Security teams are increasingly requiring engineering skills.
• Unified APIs can help bridge the gap between security and engineering teams.
• Real-time data is not always necessary for security applications.
• Use cases for unified APIs are emerging in GRC and cyber insurance.

In this conversation, Rotem Levi, a Cloud Security Architect, discusses the importance of proactive cloud security. He emphasizes the need for a balance between cost optimization and security, as well as the significance of good security practices in reducing cloud spend. Rotem also highlights the importance of having order in infrastructure and the role of tagging in achieving this. He recommends three key actions for improving cloud security: setting up budget alerts, implementing governance measures, and actively analyzing and responding to logs.

In this episode, Lars Kamp interviews Jonathan Rau, a distinguished engineer at Query, about Electric Eye, an open-source CSPM (cloud security posture management) tool.