Name: How to See AWS Workload-Level Risks Without Agents
Start: 2020-06-09T17:00:00Z
End: 2020-06-09T17:57:43.000Z
Location: BrightTALK
Rating: 4.86

CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org.  Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa

While cloud technology is not new, and many organizations have been on their cloud journey for years, cloud service providers continue evolving with new features and services. 

The fast change and growth make it difficult for many organizations to catch up and inadvertently introduce security weaknesses. 

Join our webinar as we talk through this year’s results of the Unit 42™ Cloud Threat Report!

Our experts offer insights into the most common drivers of cloud incidents and breaches today, giving security leaders and practitioners a comprehensive view of cloud security threats. These findings should enable leaders to understand the greatest risks to their cloud environment and how to manage them most effectively.

The topics we surveyed:
• Cloud breach incidents of fortune medium and large-size companies.
• Cloud threat actors.
• Complications in the cloud.
• Impacts and risks of open-source software in the cloud.

Unit 42™ Cloud Threat Report

Runtime threats like ransomware or memory injection can brick a cloud workload in seconds. Cloud workload protection platforms (CWPP) must provide real-time detection and response, if they are to be effective in defending against machine-speed attacks. 

Join SentinelOne cloud engineers as they discuss the necessary components of effective CWPP detection engines. They will provide an architectural overview and a look at the mechanics behind Static AI, Behavioral AI, Application Control, and Custom Detection engines.

Don't miss an opportunity to learn how CWPP solutions and the unique engines that power them can safeguard your organization's cloud infrastructure from runtime attacks.

The CWPP Revolution: Autonomous Detection Engines for Cloud Workload Security

When following best practices for secure access in the cloud, things often seem to start off so simple. Least privilege makes sense. Enforcing credential rotation, strong passwords and the such all seem easy. 

But then you’re faced with fact that the vast majority of breaches today are access/identity-based, and that recent research shows that 85% of access grants were never used in a 90-day period. All of a sudden things aren’t so simple.

Why exactly is there so much drift between access management best practices and the reality of access in the cloud? And how do you improve on your current privilege implementations?

In this webinar, you’ll learn:
• Access management best practices for AWS 
• Typical areas where organizations falter in those implementations
• How to audit access in the cloud to measure success of least privilege efforts
• Even better best practices for defense in depth for your cloud environments
• How to implement Just-in-Time and Dynamic Access

5 Ways Access Management Goes Awry in AWS

Proper permissioning is foundational to secure implementation and administration of SaaS applications. Customer demand and vendors build fine-grained and highly flexible permissioning models but inadvertently make understanding who exactly has access to what extraordinarily difficult. Compounding this challenge is each app’s unique approach to permissioning, and even apps that appear to have similar models often differ in nuanced but meaningful ways. Multiply this situation by hundreds of apps in an enterprise portfolio and you understand why applying and maintaining effective permissions is nearly impossible for today's app owners and security team. Join AO Labs and it’s SaaS security experts to understand the realities of modern SaaS permissioning, its challenges, possible attack vectors, and ways you can protect your organization.

Untying the Gordian Knot: Making Sense of SaaS App Permissions Models

Learn what’s keeping 2,500 of your peers awake at night. Stay informed with empirical insights to inform your cloud-native security decisions.The State of Cloud-Native Security Report 2023 is the result of a months-long survey traversing seven countries and five sectors of industry to consult with 2,500 cloud security and DevOps professionals — from chief executives to developers to security technicians — with the goal of identifying pivotal decisions affecting cloud-native development and security outcomes.Join our webinar for the results of this year’s survey and a fresh look at the top challenges and best practices in cloud-native security.Our expert will walk you through important findings:
• 90% of orgs can’t detect, contain and resolve cyberthreats within an hour.
• New deployment frequency has increased by 68% in the past 12 months.
• 73% of organizations report an above average turnover rate in cloud security roles.
• 78% of respondents want better day-one security from tools.
• 77% of organizations say aligning security tools with security goals is challenging.
You do not want to miss this session!

The State of Cloud-Native Security 2023

Nearly every enterprise relies on Salesforce to manage customer relationships and build new applications designed to drive business outcomes and innovation. But a secure Salesforce environment requires more than configuration management to mitigate a SaaS breach.

Overlooking the shared responsibility during implementation and in everyday operations can lead to potential risks. Salesforce admins, security practitioners, and IT teams need visibility into Salesforce security settings – along with the plug-ins and SaaS-to-SaaS apps connected to it – to remediate issues promptly and decisively.

Join Salesforce Security Technical Architect Rachel Beard and AppOmni CTO & Co-Founder Brian Soby to learn:
• The details and implications of the SaaS security shared responsibility model
• Why proactive event monitoring and alerts for prevention are essential
• Methods for detecting configuration drifts and over-permissioned users 
• How to sequence the event and alerts within Salesforce and its SaaS ecosystem for breach detection and remediation

How to Fortify Your Salesforce Ecosystem Security

Agility and security do not have to be in conflict, and businesses of all sizes have the capacity to innovate swiftly and operate securely. 

Join SentinelOne and Wiz for a webinar as we discuss cloud security at scale, and what our new partnership means to both customers and the security community. We’ll cover how we plan to translate our “better-together” vision into reality through the integration of our platforms with:

• Enhanced discovery, visibility, prioritization, and response 
• Risk assessments and enrichment of threat details
• Real-time cloud threat detection

By combining the leading CWPP and CNAPP technology on the market today, we’re excited to bring to life the best-of-breed cloud security solution that companies require to tackle today’s cloud threat landscape.

Intersecting Cloud Security and Agility with SentinelOne and Wiz

Although the public cloud offers cost efficiency and agility, concerns about security and controls remain obstacles for many organizations. IDC reports that 85% of workloads in regulated sectors, such as banking, are still blocked, and regulators are increasingly scrutinizing cloud data processing and control strategies.

Confidential Computing is a revolutionary technology that allows for the safe execution of sensitive and regulated workloads in the public cloud. Join this webinar to learn how Confidential Computing can help your organization overcome cloud transformation challenges and comply with new regulations. Discover:
• How Confidential Computing enables workload isolation at the hardware level, data-in-use encryption, and code authenticity verification
• A multinational bank's successful experience with securely offloading legacy mainframe infrastructure, resulting in significant cost savings and improved customer service
• How Confidential Computing can unlock new possibilities for your business in the public cloud

Unblocking Regulated Workload Cloud Migration with Confidential Computing

CSA Data Loss Prevention (DLP) Survey Says:  CISOs Face Challenges & Choices—some obvious, and some not. 

The upsurge in hybrid work and cloud adoption on a global scale is no surprise. Organizations increasingly trust cloud with their data, but sensitive data is still at risk in cloud and requires comprehensive data protection strategies encompassing every organizations’ environments. Join Cloud Security Alliance and Netskope as they demystify the findings gathered from their recent data loss prevention and data security survey. Speakers John Yeoh, Global VP of Research at CSA and Carmine Clementelli, Product Marketing Director at Netskope will cover how organizations are:
• Transferring and sharing data today
• Solving complex multi-cloud and hybrid environments
• Thinking to minimize complexity and creating suitable data protection strategies

CSA Data Loss Prevention (DLP) Survey Says: CISOs Face Challenges & Choices

$4.35MM: average cost of a data breach in 2022

It’s smart to know the coverage amounts of cybersecurity insurance policies for your organization, suppliers, and partners. It’s arguably more important to focus your infosec team’s attention on those policies' limitations - or stipulations - to better protect your organization. Did you know cybersecurity insurance policies do not cover losses incurred from a breach because of poor security practices or unreported failures? Insurance is not a substitute for poor practices.

In this session, we’ll review how to better manage cybersecurity insurance data, including measuring your levels of risk from non-compliant controls or potential third-party exposure.

Learning Objectives: 
• How to identify missing coverage in your cybersecurity insurance policies
• Processes for reporting compliance practices to avoid non-coverage issues
• Tracking and analyzing risk from third-party cybersecurity insurance gaps

Cybersecurity Insurance: How are you preparing for what’s not covered?

Managing access in the cloud can be a daunting challenge. From having to support multi-cloud environments, to managing multiple cloud provider-specific secret vaults, the cloud has unique challenges that must be overcome if teams are to ensure secure, auditable access.

Join this session to learn:
• The unique access management challenges posed by cloud environments
• How to approach secure and auditable access in the cloud
• Tangible steps you can take to simplify access management across your cloud environment

Simplifying Access Management in Hybrid & Multi-Cloud Environments

In today's world, data breaches and insider threats are becoming increasingly common, and controlling access to sensitive information is crucial for organizations. The majority of these misconfigurations are associated with Identity and Access Management (IAM) as identity and credentials are the crown jewel for adversaries to gain access to critical infrastructure.

Cloud Identity and Entitlement Management (CIEM) is a new approach to IAM that addresses these limitations and provides greater visibility and control over permissions. 

In this webinar, we will 
• Explore why companies struggle with managing Identity and access in the cloud
• Why least privilege is so important
• How attackers move laterally by abusing permissions
• Enforcing least privilege access with CIEM

Stopping Privilege Escalation In The Cloud With Least Privilege

As multicloud environments expand, there are more identities and permissions organizations need to effectively manage. In fact, our recent State of Cloud Permissions Risks Report finds that there are over 40,000 permissions across major clouds but human and workload identities across multicloud are using only 1% of their permissions granted; this delta is called the Permissions Gap. The bigger the gap, the more significant risk for accidental or malicious permission misuse. To add to this problem, we've found that the number of workload identities accessing cloud resources has doubled since 2021, now outnumbering human identities 10:1. Eliminating the Permissions Gap, monitoring risky identities, and applying adaptive access for both human and workload identities is crucial for securing multicloud environments from a potential breach. Join this webinar to explore permission risks and to dive into effective strategies for right-sizing and managing human and workload identities at cloud scale.

Securing Human and Workload Identities across Multicloud Infrastructure

Cloud adoption is expanding rapidly, and with that expansion comes new complexities. The speed of growth and change in the cloud creates an ever-changing threat landscape. Wiz Research is at the forefront of the cloud's threat landscape and is behind the discovery of vulnerabilities like ChaosDB, ExtraReplica, AttachMe and OMIGOD. In this session, we will cover the major cloud threats recently seen by the Wiz Research team which includes supply chain risks, data exposure, API security threats, and attack patterns used by groups such as LAP$U$. This session summarizes key insights across customers, Wiz and third-party threat research, and numerous other sources.

Top Cloud Threats in 2023 and Pragmatic Steps to Mitigate Them

Data is one of the fastest growing things on the planet and a huge driver of growth for companies. Due to the high value of data, it is the most frequent target in security attacks. With increasing data security and privacy risks, companies are looking at Data Security Posture Management (DSPM), an emerging technique, to protect sensitive data. With DSPM, organizations can gain real-time insights into sensitive data they hold, reduce data system vulnerabilities, and prevent unauthorized access.

A DSPM implementation also presents a unique opportunity for organizations to leverage a common layer of sensitive data intelligence to unify data security, privacy, compliance, and governance controls. With a unified data controls approach, organizations can drive business results while optimizing for costs and risks. Join our panel of security experts as they discuss a wide range of DSPM topics including what it means, mistakes to avoid when choosing a DSPM solution, and the right implementation approach.

In this session, you will learn how to:
-      Build a layer of sensitive data intelligence across multiple clouds and SaaS apps
-      Eliminate security blindspots across Dark and Streaming data
-      Prioritize & remediate misconfigurations based on sensitive data context
-      Monitor data usage and prevent unauthorized access
-      Compare DSPM solutions on criteria such as accuracy, scalability, coverage, and cost
-      Improve collaboration with a unified data security, privacy, and governance approach

DSPM Done Right! Maximize Cloud Data Security While Unifying All Data Controls

Organizations are being asked to support increasingly distributed workforces and fluid return-to-work plans. At the same time, they must protect themselves against the rising number of identity-based cyber attacks - which are the leading cause of compromise today. Traditional approaches to identity are often fragmented, complex, and lack agility - making it difficult to stay ahead of today’s threats. Organizations with gaps in their identity security are significantly more at risk.

A Zero trust security strategy provides a framework for organizations to help solve these challenges. The core principle that prompts adoption of this mindset is that the perimeter has shifted, trust needs to be established at the point of connection, people are effectively the new perimeter. This means that organizations who are on a Zero Trust journey need a strong identity solution to serve as their starting point. Learn how a comprehensive, identity-first security strategy can tie the complexities of protecting people and assets together in a seamless experience.

Approaching Security with an Identity-First Mindset

In this session, we will demonstrate how the cross reference can help security practitioners leverage the two resources to deploy effective controls over their multi-cloud environments.

Join Benoit Heynderickx (ISF) and Lefteris Skoutaris (CSA) on the 18th April 2023 to learn:
- what is the CSA CCM, and the importance of cloud controls
- how SOGP can be used by focusing on those controls that are mapped to CSA CCM  
- how to utilise the mapping to determine gaps within your cloud environments and where both the SOGP and the CSA CCM can be used to resolve these gaps.

Speakers:
Benoit Heynderickx - Principal Analyst, ISF

Benoit is a Principal Analyst at the ISF specialising in supply chain, cloud security and quantitative risk analysis. As an experienced information security professional, he has a wealth of knowledge and practical experience implementing large scale information security and risk programmes such as ISMS, SOX IT Compliance, and third-party risk assurance programmes. Benoit holds security certifications from ISACA and the CSA, as well as an MSc in Information Security and Risk from City, University of London. Benoit is also a Full Member of the Chartered Institute of Information Security.

Lefteris Skoutaris - Program Manager, Cloud Security Alliance (CSA)

Lefteris has been working as a security analyst for the Cloud Security Alliance (CSA) over the past 5 years and is currently managing CSA’s Cloud Controls Matrix (CCM) Working Group (WG) and CCM V4.0 program development activities. Mr. Skoutaris has previously worked at the European Space Agency (ESA) and European Organization for Network and Information Security (ENISA). He has been substantially contributing to cyber and cloud security related projects on research, architecture and frameworks development.

Using the SOGP and CCM for Multi-Cloud Security

ChatGPT has recently taken the world by storm. Quick school projects, coding projects, and other miscellaneous yet difficult tasks have seemingly become easier to produce and at a much quicker pace than it would take a...human. But what does this mean when we discuss security side by side with this growing trend of AI.  In this panel, we will analyze an overall discussion on the topic of ChatGPT and its impact on cloud, technology, and the security landscape, and what we have to expect in the future.

ChatGPT Security Implications

Learn modern AWS security best practices with Sisense, Orca Security, and Special Guest Sounil Yu, Former Chief Security Scientist, Bank of America

We’ll start off with Sounil Yu, the former Chief Security Scientist at Bank of America, who will explain how to use his Cyber Defense Matrix to gain a thorough understanding of cloud security.

Then we’ll dive into the practitioner’s perspective with Sisense Cloud Security Engineer Aaron Brown, who will speak to the challenges around rapidly scaling cloud infrastructure, while still maintaining security and visibility into your assets.

Aaron and Sounil will be joined by Avi Shua, CEO and co-founder of Orca Security, former chief technologist at Check Point Software Technologies. It’s going to be a fast-paced hour as we start with the theoretical and quickly dive all the way down into Aaron’s “notes from the field”.

Get ready to ask your toughest AWS security questions as we discuss:

- How to use the Cyber Defense Matrix to gain a thorough understanding of cloud security

- The 6 risks hiding inside every large AWS environment

- Technical takeaways, advice, and pitfalls to avoid from Sisense

- Pros and cons of different cloud security tools: AWS GuardDuty, traditional agent-based tools and scanners, and CSPM (cloud security posture management)

- New approach to quickly eliminating hidden risks

How to See AWS Workload-Level Risks Without Agents

Cloud Security

Cyber Security

Risk Management

Cloud Visibility

Cloud Infrastructure

IT Security

Multi Cloud

Workloads

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

How to See AWS Workload-Level Risks Without Agents

Presented by

About this talk

More from this channel