{"type":"rich","version":"1.0","provider_name":"Transistor","provider_url":"https://transistor.fm","author_name":"SEC.co Podcast ","title":"Cloud Egress Control: Policy-as-Code Best Practices for Cybersecurity Teams","html":"<iframe width=\"100%\" height=\"180\" frameborder=\"no\" scrolling=\"no\" seamless src=\"https://share.transistor.fm/e/3473174f\"></iframe>","width":"100%","height":180,"duration":901,"description":"Episode summary: Cloud runtimes are noisy neighbors. They spin up, scale out, pull containers in the middle of the night, and sometimes try to befriend the entire internet. Every outbound request is a potential exfiltration lane, a misrouted secret, or a compliance liability. In this episode, we take the SEC.co article \"Cloud Egress Control Best Practices: Policy-as-Code\" and expand it into a comprehensive discussion of why controlling outbound traffic in cloud environments is far harder than it looks on a whiteboard — and how policy-as-code gives cybersecurity and platform engineering teams a practical, scalable, and auditable way to solve it. For anyone responsible for cloud security, infrastructure operations, or compliance, egress control represents one of the most deceptively complex challenges in modern environments. The traditional approach — a short allow list, a few port restrictions, and a confident nod from audit — breaks down quickly in the face of dynamic, modular, container-based workloads that call third-party APIs, fetch ephemeral images, and make constant outbound connections as part of normal operation. This episode explains why that complexity demands a fundamentally different approach, one built on identity-bound policies expressed in code rather than fragile IP-based firewall rules managed through spreadsheets and GUIs. Why this matters now: Cloud adoption has reached the point where most enterprise workloads run in dynamic, elastic environments. 
But security practices around outbound traffic often lag behind, still relying on static IP allow lists, centralized network appliances, and policies that only a handful of specialists can understand. That gap is an invitation to attackers, who know that if they can compromise a workload, unrestricted egress gives them a free highway to exfiltrate data to any destination on the internet. This episode addresses that gap directly with principles, practices, and implementation guidance that security and...","thumbnail_url":"https://img.transistorcdn.com/94otH4rq7SFZtErk5NCuiEdgF8-OLF9klyDfctmwG7k/rs:fill:0:0:1/w:400/h:400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS81NTQw/ZWNiODZiYzgyOWUz/ODQ1MmZiNWU4OWJl/ZjIzNy5wbmc.webp","thumbnail_width":300,"thumbnail_height":300}