As an increasing number of businesses are now using hyperscale cloud providers to store their customers’ data, attackers will look to exploit any security vulnerabilities they can find.
These cloud environments are home to treasure troves of proprietary and sensitive information that can put companies and their customers at risk if they are breached by bad actors.
However, many organisations are still discovering best practices surrounding cloud security and incident response, particularly in an environment that is evolving rapidly.
With this in mind, O'Shea Bowens, founder and CEO of US-based Null Hat Security, will be presenting on “Chasing bad actors into the cloud ”, at the ITWeb Security Summit 2022, to be held from 31 May to 2 June at the Sandton Convention Centre.
The objective of his presentation is to create dialogue about the changing landscape concerning cloud environments. “It doesn't matter which of the big three cloud providers we focus on, there is a lack of conversation around how we identify sketchy activity of threat actors.”
He says currently we are overwhelmed with threat actors leveraging cloud services to host attacking infrastructure, identify buckets and accounts with weak security controls, and many more nefarious types of activity.
The question, is: “What are we doing about it?”
During his talk, Bowens will share his research and techniques for hunting across cloud services, identifying attacker activity and strengthening cloud environments.
As a disclaimer, he says he will try not to rag on any specific cloud providers, but will rather teach attendees how to understand and identify the attack vector for cloud workloads, as well as what type of detections will aid in sniffing out attacks against cloud infrastructure.
He will review real-world breach scenarios within cloud environments, and will demonstrate how to begin threat hunting for attacker activity while leveraging native and open source tools to block and respond to cloud threats.
Share