Lessons Learned from Cloud Security Incidents, Past and Present | Dave Shackleford
Dave Shackleford @daveshackleford, Summit Co-Chair, SANS Institute
#SANSCloudSummit 2020
For the past ten years or so, we've seen incredible growth in the development and use of cloud technologies and services. Right alongside that, sadly, has been an increase in attacks and breaches related to cloud services, as well as a few outages of note. As we're all interested in building implementing security controls and processes to help defend our cloud infrastructure, it's never a bad idea to break down some of the things we've seen go wrong, hopefully learning from them to avoid the same mishaps and incidents in our own environments.
In this talk, Dave will dissect a chronological list of cloud incidents of note, with a brief post-mortem and alignment with the MITRE ATT&CK framework. Some of the incidents we've seen are relatively straightforward, and others are much more nuanced, but we can learn something from all of them. This presentation will also include ample references for attendees to take back for their own research, as well.
View upcoming Summits: http://www.sans.org/u/DuS
Видео Lessons Learned from Cloud Security Incidents, Past and Present | Dave Shackleford канала SANS Institute
#SANSCloudSummit 2020
For the past ten years or so, we've seen incredible growth in the development and use of cloud technologies and services. Right alongside that, sadly, has been an increase in attacks and breaches related to cloud services, as well as a few outages of note. As we're all interested in building implementing security controls and processes to help defend our cloud infrastructure, it's never a bad idea to break down some of the things we've seen go wrong, hopefully learning from them to avoid the same mishaps and incidents in our own environments.
In this talk, Dave will dissect a chronological list of cloud incidents of note, with a brief post-mortem and alignment with the MITRE ATT&CK framework. Some of the incidents we've seen are relatively straightforward, and others are much more nuanced, but we can learn something from all of them. This presentation will also include ample references for attendees to take back for their own research, as well.
View upcoming Summits: http://www.sans.org/u/DuS
Видео Lessons Learned from Cloud Security Incidents, Past and Present | Dave Shackleford канала SANS Institute
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
PowerShell 2020: State of the Art / Hack / Infection - SANS@Mic Keynote Network Security
Becoming a CISO: Leading Transformation
Threat Hunting in the Microsoft Cloud: Times They Are a-Changin' | John Stoner
SANS DFIR Webcast - APT Attacks Exposed: Network, Host, Memory, and Malware Analysis
A Cloud Security Architecture Workshop
Threat Hunting via Sysmon - SANS Blue Team Summit
Applied Data Science and Machine Learning for Cybersecurity - SANS Tactical Detection Summit 2018
How Threats Are Slipping In the Back Door - SANS ICS Security Summit 2017
Hunting for Post-Exploitation Stage Attacks with Elastic Stack and the MITRE ATT&CK Framework
Securing Cloud Deployments: A Red Team Perspective | Matt Burrough
Zero-Trust Networks: The Future Is Here - SANS Blue Team Summit 2019
Raising the Tide: Driving Improvement in Security By Being a Good Human | David Bianco
Spooky RYUKy: The Return of UNC1878 | SANS STAR Webcast
Journey Through the Cloud - Security Best Practices
Exploring the Unknown Industrial Control System Threat Landscape – SANS ICS Security Summit 2017
The Value of Commercial Threat Intelligence Sources | STAR Webcast
Introduction to Reverse Engineering for Penetration Testers – SANS Pen Test HackFest Summit 2017
SANS DFIR Webcast - Memory Forensics for Incident Response
What is Cloud Security?