An Anatomy Of A Cloud Hack: Detecting And Responding To Adversaries In The Cloud presented at BSidesAugusta 2018

by Martin Holste

Summary: In most ways, the public cloud is more secure than a traditional data center. Asset management, inventory, audit logging, two-factor access controls, connectivity redundancy, and firewalls are built into the cloud provider platform. And yet, assets in the public cloud are compromised just as those in traditional data centers are. Mandiant estimates that fifteen percent of all of its incident response involves public cloud assets. If the cloud is more secure, why is it still getting hacked? This presentation will describe cloud threats learned from incident response and how they can be mitigated using traditional and emerging approaches by delving into the anatomy of a cloud compromise. It will provide a look at critical controls for securing IaaS, SaaS, and PaaS implementations against advanced threat actors and some questions to help assess your organization’s current level of cloud security.