# CCT 355: Zapier Breach Lessons For Cloud Security and Setting Up TPRM Program in 15 Minutes Page: https://stenobird.com/podcast/cissp-cyber-training-podcast-cissp-training-program-6068495/cct-355-zapier-breach-lessons-for-cloud-security-and-setting-up-tprm-program-in-15-minutes Text version: https://stenobird.com/podcast/cissp-cyber-training-podcast-cissp-training-program-6068495/cct-355-zapier-breach-lessons-for-cloud-security-and-setting-up-tprm-program-in-15-minutes.md Podcast: [CISSP Cyber Training Podcast - CISSP Training Program](https://stenobird.com/podcast/cissp-cyber-training-podcast-cissp-training-program-6068495) Published: 2026-06-04T11:00:00+00:00 Episode link: https://www.buzzsprout.com/2167626/episodes/19292844-cct-355-zapier-breach-lessons-for-cloud-security-and-setting-up-tprm-program-in-15-minutes.mp3 Audio file: https://www.buzzsprout.com/2167626/episodes/19292844-cct-355-zapier-breach-lessons-for-cloud-security-and-setting-up-tprm-program-in-15-minutes.mp3 Processing state: not_requested JSON: https://stenobird.com/v1/public/podcasts/cissp-cyber-training-podcast-cissp-training-program-6068495/episodes/cct-355-zapier-breach-lessons-for-cloud-security-and-setting-up-tprm-program-in-15-minutes Duration seconds: 1466 ## Resource Send us Fan Mail The breach that takes down a company often does not kick in the front door. It walks in through a “simple” integration you set up months ago, powered by a token no one remembered to rotate. We start with a real-world Zapier-style scenario and unpack how researchers chained together a harmless-looking code block, an AWS Lambda environment, and a misconfigured IAM role to reach private repository files and ultimately an NPM token that could enable a supply chain attack. From t... ## Actions - request_transcript: `POST https://stenobird.com/v1/public/podcasts/cissp-cyber-training-podcast-cissp-training-program-6068495/episodes/cct-355-zapier-breach-lessons-for-cloud-security-and-setting-up-tprm-program-in-15-minutes/transcription-requests` — Idempotently request low-priority transcript generation for this episode. - read_markdown: `GET https://stenobird.com/podcast/cissp-cyber-training-podcast-cissp-training-program-6068495/cct-355-zapier-breach-lessons-for-cloud-security-and-setting-up-tprm-program-in-15-minutes.md` — Read the agent-friendly Markdown representation of this episode resource. A page view does not enqueue transcription. Agents should invoke `request_transcript` explicitly when they need this episode processed. ## Transcript Full transcripts are not published on public pages unless there is a clear rights basis.