Threats Against Application Identities in the Microsoft Cloud
▬▬▬▬▬▬ ABSTRACT & BIO 📝 ▬▬▬▬▬▬
Do you know what risky behaviour your application identities are up to and how to protect them and your Microsoft cloud environment? This session will review current threats against application identities and what you can do about them.
Etan Basseri
Etan Basseri is a Senior Program Manager in Microsoft’s Identity Security & Protection team, where he helps build AI-based systems to detect and remediate account compromise for applications and other non-human identities. Prior to joining the tech industry, he worked as an attorney helping organizations manage and mitigate operational risk. Outside of work he loves to travel, hike, and build Legos with his kids.
Shinesa Cambric
Shinesa Cambric is a Principal Program Manager with Microsoft. Her background is in the strategic design of cloud IAM solutions, building insider risk programs, and providing unique subject matter expertise on the intersection of GRC with IT and application security. She holds several industry credentials (CISSP, CISA, CISM, CCSP), is a task and certification content advisor for CertNexus and CompTIA, and is part of the content review committee for Cloud Security Alliance. Her work has been included in global IT industry forums such as SANS, ITSPMagazine Podcast, RSAC, BrightTALK, and Plan4Privacy. She currently serves as the training lead for the Dallas chapter of Women’s Society of Cyberjutsu, a member of the operational team for non-profit group CloudGirls, an identity champion for Identity Defined Security Alliance, and an occasional host for the OWASP DevSlop show.
▬▬▬▬▬▬ Links 🔗 ▬▬▬▬▬▬
Slides PDF: https://drive.google.com/file/d/1xew5fZALpHCDXlsXONDWsFLV14fxMpJu/view?usp=sharing
Resources: https://drive.google.com/file/d/1dttwhicKg_e-2mJjI-eddYY70bThVVB1/view?usp=sharing
▬▬▬▬▬▬ Producer 🎥 ▬▬▬▬▬▬
Nancy Gariché ► https://www.linkedin.com/in/nancygariche
▬▬▬▬▬▬ Hosts 🎙️ ▬▬▬▬▬▬
Nikki Becher ► https://twitter.com/thedeadrobots
▬▬▬▬▬▬ Connect with Us 👋 ▬▬▬▬▬▬
YOUTUBE ► https://www.youtube.com/c/OWASPDevSlop/
DEV ► https://dev.to/devslop
INSTAGRAM ► https://www.instagram.com/owaspdevslop/
TWITTER ► https://twitter.com/Owasp_DevSlop
MEETUP ► https://www.meetup.com/OWASP-DevSlop-Project
Видео Threats Against Application Identities in the Microsoft Cloud канала OWASP DevSlop
Do you know what risky behaviour your application identities are up to and how to protect them and your Microsoft cloud environment? This session will review current threats against application identities and what you can do about them.
Etan Basseri
Etan Basseri is a Senior Program Manager in Microsoft’s Identity Security & Protection team, where he helps build AI-based systems to detect and remediate account compromise for applications and other non-human identities. Prior to joining the tech industry, he worked as an attorney helping organizations manage and mitigate operational risk. Outside of work he loves to travel, hike, and build Legos with his kids.
Shinesa Cambric
Shinesa Cambric is a Principal Program Manager with Microsoft. Her background is in the strategic design of cloud IAM solutions, building insider risk programs, and providing unique subject matter expertise on the intersection of GRC with IT and application security. She holds several industry credentials (CISSP, CISA, CISM, CCSP), is a task and certification content advisor for CertNexus and CompTIA, and is part of the content review committee for Cloud Security Alliance. Her work has been included in global IT industry forums such as SANS, ITSPMagazine Podcast, RSAC, BrightTALK, and Plan4Privacy. She currently serves as the training lead for the Dallas chapter of Women’s Society of Cyberjutsu, a member of the operational team for non-profit group CloudGirls, an identity champion for Identity Defined Security Alliance, and an occasional host for the OWASP DevSlop show.
▬▬▬▬▬▬ Links 🔗 ▬▬▬▬▬▬
Slides PDF: https://drive.google.com/file/d/1xew5fZALpHCDXlsXONDWsFLV14fxMpJu/view?usp=sharing
Resources: https://drive.google.com/file/d/1dttwhicKg_e-2mJjI-eddYY70bThVVB1/view?usp=sharing
▬▬▬▬▬▬ Producer 🎥 ▬▬▬▬▬▬
Nancy Gariché ► https://www.linkedin.com/in/nancygariche
▬▬▬▬▬▬ Hosts 🎙️ ▬▬▬▬▬▬
Nikki Becher ► https://twitter.com/thedeadrobots
▬▬▬▬▬▬ Connect with Us 👋 ▬▬▬▬▬▬
YOUTUBE ► https://www.youtube.com/c/OWASPDevSlop/
DEV ► https://dev.to/devslop
INSTAGRAM ► https://www.instagram.com/owaspdevslop/
TWITTER ► https://twitter.com/Owasp_DevSlop
MEETUP ► https://www.meetup.com/OWASP-DevSlop-Project
Видео Threats Against Application Identities in the Microsoft Cloud канала OWASP DevSlop
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Embrace Secure Defaults, Block Anti-patterns, and Kill Bug Classes with Semgrep with Clint Gibler
How to Analyze Code for Vulnerabilities using Joern
OWASP DevSlop Show: Rapid Threat Model Prototyping with Geoffrey Hill!
DevSlop Game Day Recap & Solution with Renan Dias
Privilege Escalation in the Cloud with Carlos Polop
The Act of Balancing: Burnout in Cybersecurity with Chloé Messdaghi!
Github Actions Security Best Practices with Reethi Kotti
Containers in a nutshell — ähm pod! Containers in a pod
Knock Your SOCs Off: Modernizing Security Operations with Kat Sweet!
Shifting Cloud Security Left: Scanning Infrastructure as Code for Security Issues
Logging & Monitoring on AWS 101 with Veliswa Boya! - OWASP DevSlop
AppSec at the Speed of DevOps: 3 Common Mistakes with Erica Anderson!
GitOps and Best Practices for Managing Infrastructure with Javeria Khan!
Vulnerability Writeups: The Magical 5 Minute Formula
Ceci n'est pas une Pipeline: is it CI/CD or WHAT?
Compromised Compilers - A new perspective of supply chain cyber attacks
Automating Cloud Security with Open Policy Agent with Josh Stella! - OWASP DevSlop
Cloud Security and IAM for Developers
Yellow Team + Blue Team = Green Team
Account Security beyond 2FA with Neil Matatall