Threats Against Application Identities in the Microsoft Cloud
▬▬▬▬▬▬ ABSTRACT & BIO 📝 ▬▬▬▬▬▬
Do you know what risky behaviour your application identities are up to and how to protect them and your Microsoft cloud environment? This session will review current threats against application identities and what you can do about them.
Etan Basseri
Etan Basseri is a Senior Program Manager in Microsoft’s Identity Security & Protection team, where he helps build AI-based systems to detect and remediate account compromise for applications and other non-human identities. Prior to joining the tech industry, he worked as an attorney helping organizations manage and mitigate operational risk. Outside of work he loves to travel, hike, and build Legos with his kids.
Shinesa Cambric
Shinesa Cambric is a Principal Program Manager with Microsoft. Her background is in the strategic design of cloud IAM solutions, building insider risk programs, and providing unique subject matter expertise on the intersection of GRC with IT and application security. She holds several industry credentials (CISSP, CISA, CISM, CCSP), is a task and certification content advisor for CertNexus and CompTIA, and is part of the content review committee for Cloud Security Alliance. Her work has been included in global IT industry forums such as SANS, ITSPMagazine Podcast, RSAC, BrightTALK, and Plan4Privacy. She currently serves as the training lead for the Dallas chapter of Women’s Society of Cyberjutsu, a member of the operational team for non-profit group CloudGirls, an identity champion for Identity Defined Security Alliance, and an occasional host for the OWASP DevSlop show.
▬▬▬▬▬▬ Links 🔗 ▬▬▬▬▬▬
Slides PDF: https://drive.google.com/file/d/1xew5fZALpHCDXlsXONDWsFLV14fxMpJu/view?usp=sharing
Resources: https://drive.google.com/file/d/1dttwhicKg_e-2mJjI-eddYY70bThVVB1/view?usp=sharing
▬▬▬▬▬▬ Producer 🎥 ▬▬▬▬▬▬
Nancy Gariché ► https://www.linkedin.com/in/nancygariche
▬▬▬▬▬▬ Hosts 🎙️ ▬▬▬▬▬▬
Nikki Becher ► https://twitter.com/thedeadrobots
▬▬▬▬▬▬ Connect with Us 👋 ▬▬▬▬▬▬
YOUTUBE ► https://www.youtube.com/c/OWASPDevSlop/
DEV ► https://dev.to/devslop
INSTAGRAM ► https://www.instagram.com/owaspdevslop/
TWITTER ► https://twitter.com/Owasp_DevSlop
MEETUP ► https://www.meetup.com/OWASP-DevSlop-Project
Видео Threats Against Application Identities in the Microsoft Cloud канала OWASP DevSlop
Do you know what risky behaviour your application identities are up to and how to protect them and your Microsoft cloud environment? This session will review current threats against application identities and what you can do about them.
Etan Basseri
Etan Basseri is a Senior Program Manager in Microsoft’s Identity Security & Protection team, where he helps build AI-based systems to detect and remediate account compromise for applications and other non-human identities. Prior to joining the tech industry, he worked as an attorney helping organizations manage and mitigate operational risk. Outside of work he loves to travel, hike, and build Legos with his kids.
Shinesa Cambric
Shinesa Cambric is a Principal Program Manager with Microsoft. Her background is in the strategic design of cloud IAM solutions, building insider risk programs, and providing unique subject matter expertise on the intersection of GRC with IT and application security. She holds several industry credentials (CISSP, CISA, CISM, CCSP), is a task and certification content advisor for CertNexus and CompTIA, and is part of the content review committee for Cloud Security Alliance. Her work has been included in global IT industry forums such as SANS, ITSPMagazine Podcast, RSAC, BrightTALK, and Plan4Privacy. She currently serves as the training lead for the Dallas chapter of Women’s Society of Cyberjutsu, a member of the operational team for non-profit group CloudGirls, an identity champion for Identity Defined Security Alliance, and an occasional host for the OWASP DevSlop show.
▬▬▬▬▬▬ Links 🔗 ▬▬▬▬▬▬
Slides PDF: https://drive.google.com/file/d/1xew5fZALpHCDXlsXONDWsFLV14fxMpJu/view?usp=sharing
Resources: https://drive.google.com/file/d/1dttwhicKg_e-2mJjI-eddYY70bThVVB1/view?usp=sharing
▬▬▬▬▬▬ Producer 🎥 ▬▬▬▬▬▬
Nancy Gariché ► https://www.linkedin.com/in/nancygariche
▬▬▬▬▬▬ Hosts 🎙️ ▬▬▬▬▬▬
Nikki Becher ► https://twitter.com/thedeadrobots
▬▬▬▬▬▬ Connect with Us 👋 ▬▬▬▬▬▬
YOUTUBE ► https://www.youtube.com/c/OWASPDevSlop/
DEV ► https://dev.to/devslop
INSTAGRAM ► https://www.instagram.com/owaspdevslop/
TWITTER ► https://twitter.com/Owasp_DevSlop
MEETUP ► https://www.meetup.com/OWASP-DevSlop-Project
Видео Threats Against Application Identities in the Microsoft Cloud канала OWASP DevSlop
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Embrace Secure Defaults, Block Anti-patterns, and Kill Bug Classes with Semgrep with Clint GiblerHow to Analyze Code for Vulnerabilities using JoernOWASP DevSlop Show: Rapid Threat Model Prototyping with Geoffrey Hill!DevSlop Game Day Recap & Solution with Renan DiasPrivilege Escalation in the Cloud with Carlos PolopThe Act of Balancing: Burnout in Cybersecurity with Chloé Messdaghi!Github Actions Security Best Practices with Reethi KottiContainers in a nutshell — ähm pod! Containers in a podKnock Your SOCs Off: Modernizing Security Operations with Kat Sweet!Shifting Cloud Security Left: Scanning Infrastructure as Code for Security IssuesLogging & Monitoring on AWS 101 with Veliswa Boya! - OWASP DevSlopAppSec at the Speed of DevOps: 3 Common Mistakes with Erica Anderson!GitOps and Best Practices for Managing Infrastructure with Javeria Khan!Vulnerability Writeups: The Magical 5 Minute FormulaCeci n'est pas une Pipeline: is it CI/CD or WHAT?Compromised Compilers - A new perspective of supply chain cyber attacksAutomating Cloud Security with Open Policy Agent with Josh Stella! - OWASP DevSlopCloud Security and IAM for DevelopersYellow Team + Blue Team = Green TeamAccount Security beyond 2FA with Neil Matatall