Modern cloud threats are complex, multi-stage attacks that involve supply chain infection, credential harvesting, evasive beaconing, zero-day Linux malware, and ransoming cloud storage. These attacks cannot be mitigated simply by compliance and configuration checks. Major attacks in the last 12 months went after unknown CVEs and used mutated malicious code for which no signatures existed.
In this session, we will go beyond the now pervasive and obvious example of open cloud storage buckets to discuss the top 10 modern cloud security risks with real-world examples.
Attendees will learn key techniques that they can deploy right away in their organization to:
- Mitigate cloud risks across multi-VPC, multi-OS, and multi-account deployment
- Detect unknown malicious code at the build, ship, and run stage
- Inspect and Analyze cloud network packets, API activity, and storage activity
Hear from Dr. Neil Daswani (former CISO of Lifelock and co-author of Big Breaches and Foundations of Security) and Dr. Saumitra Das (founder and inventor in AI security) about lessons learned from prior attacks and potential approaches to strengthen defenses against future attacks.