Hi [[ session.user.profile.firstName ]]

Least Privilege as Code: Standardizing Management of Cloud Entitlements

Security at scale requires consistent controls.

Cloud security and operations teams must be careful to consistently define processes for provisioning, reviewing, and removing IAM permissions. Otherwise, accelerating cloud adoption can lead to permissions sprawl and excessive access that can be manipulated by attackers.

The tried-and-true principle of least privilege access – in which all identities have the minimum necessary permissions to function – can help. But without automated, efficient processes to map and manage permissions at scale, least privilege can be easier said than done.

Join CyberArk Principal Solutions Engineer, Adam Markert for a breakdown of:
- Recent growth in the landscape of possible permissions across AWS, Azure and GCP
- Least privilege access – what it is and how to get there in the cloud
- IAM best practices from governments, compliance frameworks and cloud providers
- Strategies for building scalable, consistent controls and automation workflows to review and remove risky access
Live online Jun 3 4:00 pm UTC
or after on demand 60 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Adam Markert, Principal Solutions Architect, CyberArk
Presentation preview: Least Privilege as Code: Standardizing Management of Cloud Entitlements
  • Channel
  • Channel profile
  • Gaps and Bridges, Problems and Solutions May 19 2021 5:00 pm UTC 1 min
    Daniele Catteddu, CTO, Cloud Security Alliance
    The knowledge and skills gap in the cybersecurity industry is a problem that has been identified and discussed for the past 20 years. However, with the rapid acceleration of technology development, the skills gap seems to worsen as time goes by and may soon become a systemic deficiency. In this presentation, we will highlight some of the key challenges that our community is facing in regards to the skills gap. We will also present some of the ongoing CSA activities intended to help mitigate this issue, including a call for a coordinated multi-stakeholder and multiplayer plan.
  • 5 Ways to Improve Your Cloud Security May 19 2021 4:00 pm UTC 60 mins
    Ryan Davis, Sr. Cloud Product Marketing Manager at ExtraHop
    Cybersecurity has never been easy, and as enterprises expand their footprints in the cloud, they often run into issues and friction that can weaken security and leave them vulnerable to advanced threats. Cloud environments are highly dynamic, and many security tools struggle to match the scale and elasticity the cloud provides. Security teams need to regain the advantage over attackers, and network data offers an elegant solution to improving observability, threat detection, and response.


    In this webinar we’ll discuss 5 ways to think about cloud security from a network perspective:
    1. Know your datasource
    2. Secure your entire attack surface
    3. Investigate and hunt threats
    4. Take advantage of the power of forensics
    5. Detect and immediately respond to advanced threats

    You’ll also get a quick demo highlighting how these 5 key components of stronger security can be put into action in your cloud environment. Learn how the power of Network Detection and Response solutions can help you reclaim the upper hand in your cloud environments.
  • 5 Ways to Improve Your Cloud Security May 19 2021 4:00 pm UTC 60 mins
    Ryan Davis, Sr. Cloud Product Marketing Manager at ExtraHop
    Cybersecurity has never been easy, and as enterprises expand their footprints in the cloud, they often run into issues and friction that can weaken security and leave them vulnerable to advanced threats. Cloud environments are highly dynamic, and many security tools struggle to match the scale and elasticity the cloud provides. Security teams need to regain the advantage over attackers, and network data offers an elegant solution to improving observability, threat detection, and response.


    In this webinar we’ll discuss 5 ways to think about cloud security from a network perspective:
    1. Know your datasource
    2. Secure your entire attack surface
    3. Investigate and hunt threats
    4. Take advantage of the power of forensics
    5. Detect and immediately respond to advanced threats

    You’ll also get a quick demo highlighting how these 5 key components of stronger security can be put into action in your cloud environment. Learn how the power of Network Detection and Response solutions can help you reclaim the upper hand in your cloud environments.
  • CSA CxO Trust: Strategies for the Cloud-Centric Enterprise May 19 2021 12:30 am UTC 1 min
    Raj Badhwar and Dr. Yonesy Nunez
    Strengthening Cloud Operations
    With the basics taken care of, it’s time to enhance and integrate your cloud operations. Learn how to develop a complete cloud security foundation that works with your legacy technology and still allows your team to move as quickly as possible. This session will consist of three 12-minute talks:

    Developing a Secure, Enterprise Cloud Operating Model
    Given the exponential increase in the number of cloud hosted applications and data breaches, we can learn from the mistakes others have made in their journeys to the cloud by defining and implementing a secure enterprise cloud operating model.
    Manage a Hybrid Cloud/Legacy IT technology Stack
    Value of Cloud Security Taking Advantage of Cloud Automation
    This presentation explores the gains security automation can bring to your business and cloud security areas where security automation should be applied.
  • CSA CxO Trust: Strategies for the Cloud-Centric Enterprise May 18 2021 11:30 pm UTC
    Stacey Halota, Mark Houpt, Randy Vickers
    Transitioning to the Cloud
    There are numerous things to keep in mind when transitioning to the cloud; . security concerns, compliance, and managing risk are just a few. This session will consist of three 12-minute talks:

    5 Critical Security Considerations for Cloud Migration
    Ultimately, security is about risk reduction and management, not just blocking and monitoring. In this talk, learn about the five key considerations before cloud implementation.
    Cloud Compliance – an Opportunity
    This session will describe how to fully leverage a new cloud migration, or make the most of an existing one to meet your compliance obligations and increase security and privacy.
    Managing Risk from 3rd Party Cloud Providers
    This presentation will give you key documents to look for from your cloud provider. We will provide strategies for reviewing the documents and extracting useful information that defines how your provider is protecting the environment.
  • CSA CxO Trust: Strategies for the Cloud-Centric Enterprise May 18 2021 10:30 pm UTC 1 min
    Rich Baich, David Cass, Nicole Darden Ford
    Evolving Cybersecurity with the Cloud
    Digital transformation to the cloud requires organizations to change many of their processes. Learn how the cloud will specifically impact your organization’s approach to cybersecurity and take away steps you can use to prepare. This session will consist of three 12-minute talks:

    Impact of Digital Transformation on Security Strategy
    How does Digital Transformation Change My Approach to Security?
    Organizational Impact of Enabling Cloud Security
    Rich Baich, Chief Information Security Officer at AIG, takes a step back and looks at the history behind the cloud phenomenon and the impact on today’s businesses on the future when it comes to enhanced operational efficiency and security.
  • CSA CxO Trust: Strategies for the Cloud-Centric Enterprise May 18 2021 9:30 pm UTC 37 mins
    Valerie Abend, Pete Chronis, Rick Doten, & Dan Mellen
    C-Suite Challenges in the Cloud

    Learn about the challenges members of the C-suite face, both technical and non-technical, as their organizations transition to the cloud. What can we learn from the past, and what should we think about as we look towards the future? This session will consist of three 12-minute talks:

    History of Organization Challenges Due to Technology Innovation--Here We Go Again with Cloud!
    This session will review the colorful history of how companies managed the introduction of new technologies, and what we might learn from them as we transition to the Cloud.
    Explaining Cloud Strategy to the Board of Directors
    Pete Chronis, Chief Trust Officer at the Cloud Security Alliance, will discuss how senior executives can educate corporate boards on the value and potential risk of embracing cloud technologies using language that is easy for board members to understand.
    Pitfalls and Power Plays for Cloud Security Leaders
    Hear from two global security delivery leads about the key Dos and Don'ts garnered from some of the largest cloud transformations.
  • It Ain't Done Until It's Automated: Security at the speed of DevOps Recorded: May 11 2021 51 mins
    TJ Gonen, Head of Cloud Product, & Hillel Solow, Architect - Cloud Innovation, Check Point
    Amidst the growing buzz for shift-left developer centric security methods, this session will highlight the need for a common ground between security and DevOps and offer guidance and best practices on how to build in security without impeding agility.
  • Healthcare’s Cloud Migration: 7 Emerging Data Security Risks Recorded: May 6 2021 62 mins
    Jon Moore, Chief Risk Officer and SVP Consulting Services, Clearwater
    Seeking flexibility, scalability, and cost-savings, an increasing number of healthcare organizations are
    moving systems and data to the Cloud. Fueled by increased adoption of telemedicine and wearable
    medical devices sparked by the pandemic and continuing investment and growth in Cloud-native health IT startups, the market for healthcare cloud computing is expected to grow from $28 billion in 2020 to nearly $65 billion over the next six years, according to a recent study by MarketDigits.

    While there are numerous benefits for healthcare organizations that adopt cloud models, introducing
    sensitive and protected data into the Cloud creates various new risks. As we’ve seen in some surveys, organizations are conflicted on whether cloud security makes it easier or more challenging to manage these risks. A recent Netwrix survey indicated that nearly 40% of respondents have had a cloud security incident in the past year, and nearly half of them could not diagnose the issue.

    During this webinar, Clearwater Chief Risk Officer and Head of Consulting Services Jon Moore will review recent examples of healthcare cloud security failures and discuss critical takeaways that organizations should note to avoid similar missteps.

    Attendees will learn:
    · Seven ways cloud security can go sideways resulting in a breach and HIPAA violation
    · Best practices to help your organization reduce risk and avoid a HIPAA violation in the Cloud
  • Best Practices for Accelerating Security Development in the Product Lifecycle Recorded: Apr 29 2021 58 mins
    Ningjing Gao, Principal Technical Program Manager - Security Team, Adobe
    If you are part of a security organization and noticing the constant resource competing with product feature development, you may have wondered how to further accelerate security work assigned to product teams. How can security best integrate with feature development to reserve engineering resources for security projects? Our team has developed an approach to provide clearer visibility into the security work that needs to be done. It also enabled us to be better aligned with the existing product development process.

    In this webcast we Ningjing Gao, Principal Technical Program Manager for Security at Adobe, will talk about what we did to improve our processes and shared additional best practices that can help you make it more efficient and effective for product teams to build security into everything they do at your organization.
  • Applying Zero-Trust Security to Cloud Workload Protection Recorded: Apr 27 2021 49 mins
    Willy Leichter, VP-Marketing and Product Strategy, Virsec
    As attacks on software supply chains and critical applications not only continue but accelerate, we need to extend a next-generation zero-trust model into cloud workloads during runtime. To understand why runtime remains a choice target for threat actors, look no further than the recent SolarWinds and Microsoft Exchange server attacks. Both exploits executed undetected and undeterred in runtime, easily evading existing security measures such as threat hunting and EDR/EPP tools.

    Zero trust is a powerful concept, but many think it only applies to users, devices, and networks. Implementing a next-generation Zero-Trust model, one that incorporates application-aware workload protection, can ensure that only the right code and processes can execute, regardless of the threat environment.

    In their Market Guide for Cloud Workload Protection Platforms, Gartner specifically recommends extending zero trust security, stating: “At runtime, replace antivirus-centric strategies with “zero-trust execution.”
    Join security experts from Virsec as they discuss the challenges of protecting an expanding attack surface area with cloud, hybrid, and container environments and detail the need for application-awareness and effective runtime protection. Get best practices for security implementations for workloads that ensure vulnerability protection with granular application control, system integrity assurance, and advanced memory protection at runtime.
  • Why the Cloud Needs Network Detection and Response Recorded: Apr 20 2021 61 mins
    Anton Chuvakin of Google Cloud & Edward Smith and Vijit Nair of Corelight
    If cloud environments are locked down by default and everything is already being logged, is cloud network traffic analysis really helpful? It turns out that even in the cloud, network telemetry data can ensure investigations are fast and hunts are conclusive. As we’ve learned from breaches like Sunburst, network telemetry provides essential evidence for catching threats other tools miss.


    Join experts from Google Cloud Security and Corelight to learn how collection and analysis of cloud network traffic leads to better threat detection and response. We will discuss:
    - Common misconceptions about network telemetry
    - Cloud traffic monitoring use cases
    - Solutions to implementation challenges
  • Trends in Third-Party Risk: What’s New for 2021 Recorded: Apr 15 2021 28 mins
    Alona Wall, OneTrust
    As the world changes, third-party risk management requirements change too. So, what can you expect in 2021? How can you prepare for what’s ahead? We’ve helped implement thousands of third-party risk management programs, and in doing so, we’ve seen how organizations’ needs have evolved. There are proactive measures you can take to stay ahead of the curve. But in order to execute against and adapt to these third-party risk trends, you need to first know what the future holds. In this session, we’ll answer the following questions:
    What are the latest trends for third-risk management?
    How your organization adapt to current and future trends?
    What can you do to future-proof your third-party risk management program?
    Where can you go to keep up-to-date with new third-party risk trends as they emerge?
  • Light at the end of the tunnel for DPO & Cloud Service Provider Recorded: Apr 15 2021 21 mins
    Nicolas Casimir
    Associations and trade unions asked the judge of the "Conseil d'État, the highest French administrative court - to suspend the partnership between the Ministry of Health and Doctolib, arguing that the hosting of vaccination appointment data by the subsidiary of an American company posed risks with regard to access requests by the American authorities.
    This recent ruling by the supreme administrative court of justice could provide some guidance on developing a legal framework and establishing some technicals controls that could protect them from the long arm of European regulators and the fine they might levy - Some light at the end of the Tunnel for DPO and Cloud Service Provider (CSP) ?
  • Cloud Financial Services: Challenges, Security & Compliance Recorded: Apr 15 2021 24 mins
    Mario Maawad, CaixaBank
    A quick review of the importance of Cloud adoption and its impact in the Financial Sector, barriers and opportunities. Focus on the regulation requirements and particularly on what would be necessary in relation with the future Cloud Certification Scheme proposed by ENISA.
  • Cloud Security - It's Now or Too Late! Recorded: Apr 15 2021 35 mins
    Tsion (TJ) Gonen, Check Point
    The cloud is more dynamic now than ever before. How do you keep up with development while thwarting off threats? Learn how to fend off threats and turning security into an enabling force behind enterprise digital transformation.
  • Rethinking Encryption in the Cloud Recorded: Apr 15 2021 31 mins
    Frederik Gottlieb, CYBERCRYPT A/S
    If you think that you are doing encryption right while remaining compliant with regulations like GDPR, you might be wrong. In this talk Frederik will cover various encryption controls including an application layer encryption approach that incorporates zero-trust principles for data access. If you are worried about your sensitive data staying safe in the cloud, this talk is for you.
  • Zero Trust: From Theory to Reality Recorded: Apr 15 2021 34 mins
    Sushila Nair, NTT data
    EMEA Summit 2021 - NTT Data presentation
  • How to Secure Clouds Without Borders – Hear from a CSO Recorded: Apr 15 2021 29 mins
    Greg Day, Palo Alto Networks
    In this fireside chat, we hear from Greg Day, chief security officer for EMEA, who takes us through newcomers into public cloud as well as real-world transitions to put security into existing deployments. Talking across contracts and data sovereignty/analysis through to process consideration and consequences, Greg perfectly frames these, not as scaremongering, but instead with a pragmatic approach to security. Attendees will learn that whilst securing your cloud native workloads can be daunting, there are standard ways of putting your organisation in the right place. Lastly we get a glimpse into the future of securing workloads and how to be ready for that.
  • Building an Open Cloud Platform Recorded: Apr 15 2021 32 mins
    Giuseppe Brizio, Qualys
    Enterprise IT environments are getting exponentially more complex with the booming adoption of cloud computing. To attain seamless security and compliance, the key is to shift to open cloud platforms that interoperate with each other.
    This new model allows organizations to build security natively into their IT infrastructure, and to take a risk-based approach supported by an always updated global IT asset inventory. It’s the only way to have the scale, speed, accuracy, visibility and context needed to protect today’s hybrid and dynamic IT infrastructures.
    As IT teams embrace cloud services, mobility, containers, DevOps and other innovations, the job of security teams gets harder, especially if they have a heterogeneous stack of tools that are difficult and costly to deploy, integrate and manage. With such a siloed and fragmented toolset, visibility into the IT environment narrows, tasks can’t be automated, false positives abound, and security teams struggle to detect and respond quickly to threats.
    With an open cloud platform, organizations can replace their stack of legacy point solutions with a set of natively integrated, cloud-based security and compliance applications and services. The open platform has also offer a true risk-based approach to security, continuously balancing technology risks with business context.
Educational series on cloud computing, security and privacy.
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Least Privilege as Code: Standardizing Management of Cloud Entitlements
  • Live at: Jun 3 2021 4:00 pm
  • Presented by: Adam Markert, Principal Solutions Architect, CyberArk
  • From:
Your email has been sent.
or close