Lessons Learned from Cloud Security Incidents, Past and Present | Dave Shackleford
Dave Shackleford @daveshackleford, Summit Co-Chair, SANS Institute
#SANSCloudSummit 2020
For the past ten years or so, we've seen incredible growth in the development and use of cloud technologies and services. Right alongside that, sadly, has been an increase in attacks and breaches related to cloud services, as well as a few outages of note. As we're all interested in building implementing security controls and processes to help defend our cloud infrastructure, it's never a bad idea to break down some of the things we've seen go wrong, hopefully learning from them to avoid the same mishaps and incidents in our own environments.
In this talk, Dave will dissect a chronological list of cloud incidents of note, with a brief post-mortem and alignment with the MITRE ATT&CK framework. Some of the incidents we've seen are relatively straightforward, and others are much more nuanced, but we can learn something from all of them. This presentation will also include ample references for attendees to take back for their own research, as well.
View upcoming Summits: http://www.sans.org/u/DuS
Видео Lessons Learned from Cloud Security Incidents, Past and Present | Dave Shackleford канала SANS Institute
#SANSCloudSummit 2020
For the past ten years or so, we've seen incredible growth in the development and use of cloud technologies and services. Right alongside that, sadly, has been an increase in attacks and breaches related to cloud services, as well as a few outages of note. As we're all interested in building implementing security controls and processes to help defend our cloud infrastructure, it's never a bad idea to break down some of the things we've seen go wrong, hopefully learning from them to avoid the same mishaps and incidents in our own environments.
In this talk, Dave will dissect a chronological list of cloud incidents of note, with a brief post-mortem and alignment with the MITRE ATT&CK framework. Some of the incidents we've seen are relatively straightforward, and others are much more nuanced, but we can learn something from all of them. This presentation will also include ample references for attendees to take back for their own research, as well.
View upcoming Summits: http://www.sans.org/u/DuS
Видео Lessons Learned from Cloud Security Incidents, Past and Present | Dave Shackleford канала SANS Institute
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
PowerShell 2020: State of the Art / Hack / Infection - SANS@Mic Keynote Network SecurityBecoming a CISO: Leading TransformationThreat Hunting in the Microsoft Cloud: Times They Are a-Changin' | John StonerSANS DFIR Webcast - APT Attacks Exposed: Network, Host, Memory, and Malware AnalysisA Cloud Security Architecture WorkshopThreat Hunting via Sysmon - SANS Blue Team SummitApplied Data Science and Machine Learning for Cybersecurity - SANS Tactical Detection Summit 2018How Threats Are Slipping In the Back Door - SANS ICS Security Summit 2017Hunting for Post-Exploitation Stage Attacks with Elastic Stack and the MITRE ATT&CK FrameworkSecuring Cloud Deployments: A Red Team Perspective | Matt BurroughZero-Trust Networks: The Future Is Here - SANS Blue Team Summit 2019Raising the Tide: Driving Improvement in Security By Being a Good Human | David BiancoSpooky RYUKy: The Return of UNC1878 | SANS STAR WebcastJourney Through the Cloud - Security Best PracticesExploring the Unknown Industrial Control System Threat Landscape – SANS ICS Security Summit 2017The Value of Commercial Threat Intelligence Sources | STAR WebcastIntroduction to Reverse Engineering for Penetration Testers – SANS Pen Test HackFest Summit 2017SANS DFIR Webcast - Memory Forensics for Incident ResponseWhat is Cloud Security?