Almost every cloud breach in recent years has taken advantage of mismanaged permissions, secrets, and identities. This session will dissect 8 real cloud breaches where attackers exploited insecure identities, each scenario unveiling unique insights, intriguing facets, and advice to mitigate similar risks.

Themes include:

- Ownership of identity posture between Dev, Ops, & Sec is often unclear, leading to mistakes that stem from going fast
- Automation tech, serverless functions, & cloud-native activities require authentication. Often this is poorly managed, e.g. leaving secrets/credentials exposed in S3 state files (human/machine identity management)
- MFA abuse through social engineering still works well
- SaaS apps are a huge attack surface, with credentials being left everywhere: repos, GitHub, AD, Slack

We will specifically highlight something interesting in each scenario and provide a key takeaway that is more useful than “lock your stuff down.”
Maya Levine is a Product Manager for Sysdig. Previously she worked at Check Point Software Technologies as a Security Engineer and later a Technical Marketing Engineer, focusing on cloud security. Her earnest and concise communication style connects to both technical and business...