Episode

CCT 355: Zapier Breach Lessons For Cloud Security and Setting Up TPRM Program in 15 Minutes

Podcast

CISSP Cyber Training Podcast - CISSP Training Program

Published

Jun 4, 2026

Duration seconds

1466

Processing state

not_requested

Canonical source

https://www.buzzsprout.com/2167626/episodes/19292844-cct-355-zapier-breach-lessons-for-cloud-security-and-setting-up-tprm-program-in-15-minutes.mp3

Audio

https://www.buzzsprout.com/2167626/episodes/19292844-cct-355-zapier-breach-lessons-for-cloud-security-and-setting-up-tprm-program-in-15-minutes.mp3

JSON

/v1/public/podcasts/cissp-cyber-training-podcast-cissp-training-program-6068495/episodes/cct-355-zapier-breach-lessons-for-cloud-security-and-setting-up-tprm-program-in-15-minutes

Markdown

/podcast/cissp-cyber-training-podcast-cissp-training-program-6068495/cct-355-zapier-breach-lessons-for-cloud-security-and-setting-up-tprm-program-in-15-minutes.md

Actions

• POST https://stenobird.com/v1/public/podcasts/cissp-cyber-training-podcast-cissp-training-program-6068495/episodes/cct-355-zapier-breach-lessons-for-cloud-security-and-setting-up-tprm-program-in-15-minutes/transcription-requests
  Idempotently request low-priority transcript generation for this episode.
• GET https://stenobird.com/podcast/cissp-cyber-training-podcast-cissp-training-program-6068495/cct-355-zapier-breach-lessons-for-cloud-security-and-setting-up-tprm-program-in-15-minutes.md
  Read the agent-friendly Markdown representation of this episode resource.

Summary

Send us Fan Mail The breach that takes down a company often does not kick in the front door. It walks in through a “simple” integration you set up months ago, powered by a token no one remembered to rotate. We start with a real-world Zapier-style scenario and unpack how researchers chained together a harmless-looking code block, an AWS Lambda environment, and a misconfigured IAM role to reach private repository files and ultimately an NPM token that could enable a supply chain attack. From t...