Hi [[ session.user.profile.firstName ]]

Defending your Cloud with MITRE D3FEND

Modern cloud threats with complex, multi-stage kill chains cannot be mitigated simply by compliance and configuration checks. The MITRE ATT&CK framework for Cloud provides a structure for security teams to reason about attacker tactics in their cloud. The newly announced MITRE D3FEND framework provides a standard vocabulary for countermeasures against attackers.

In this live session, we will provide an overview of D3FEND and how it maps to cloud security. We discuss the countermeasures security teams should consider that are specific to cloud attack tactics. We also discuss how ATT&CK maps to the technical root causes of breach that have impacted over 9,000 reported breaches to date.

Security experts and cloud DevOps/DevSecOps attendees will learn about:
- MITRE ATT&CK and differences between Cloud and On-premises
- How MITRE ATT&CK maps to the technical root causes of breaches
- MITRE D3FEND and how to apply and extend it for your cloud
- How to prioritize and deploy countermeasures based on D3FEND

Hear from Dr. Neil Daswani (former CISO of LifeLock and co-author of Big Breaches and Foundations of Security) and Dr. Saumitra Das (founder and inventor in AI security) about these frameworks and countermeasures and reason about where to direct your efforts to minimize risk.
Recorded Aug 12 2021 60 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Dr. Neil Daswani, Co-Director of the Stanford Advanced Cybersecurity Program and Dr. Saumitra Das, CTO Founder, Blue Hexagon
Presentation preview: Defending your Cloud with MITRE D3FEND
  • Channel
  • Channel profile
  • Decoding Cloud Security Matrix and Shared Responsibility in the Cloud Oct 1 2021 12:00 pm UTC 30 mins
    Prasun Srivastava (Senior Solutions Architect – India and SAARC region, Cloud Protection and Licensing, Thales)
    Closing Keynote
  • Hybrid Cloud Security: Risks & Mitigation Oct 1 2021 11:00 am UTC 45 mins
    Satyavathi DIVADARI, Brendan LAWS, Madhav CHABLANI, Raj SHASTRAKAR & Somik SEN
    Panel Discussion : "Hybrid Cloud Security: Risks & Mitigation"
    Timothy Grance (NIST) shared that no hybrid cloud existed when he co-authored the landmark NIST definition of different clouds. He has never expected hybrid clouds to become so pervasive and popular. This panel of experts will endeavor to address the following issues: What are the differences between hybrid and multi clouds? What are the risks in a hybrid cloud environment compared to on-prem and how does one go about mitigating each of these risks. How does one assess the effectiveness of these mitigation measures? And finally how would these mitigation measures benefit organizations/businesses?

    MODERATOR: Satyavathi DIVADARI (Chairman, CSA Bangalore Chapter)

    - Brendan LAWS (Director, Solutions Architecture, Rapid7)
    - Madhav CHABLANI (Chairman, CSA NCR Chapter)
    - Raj SHASTRAKAR (Serverless ​Working Group Member, CSA)
    - Somik SEN (Vice-Chair, CSA Kolkata Chapter)
  • Identifying & Securing Against Crypto Asset Risks Oct 1 2021 10:15 am UTC 30 mins
    Ashish MEHTA (Co-chair, CSA Blockchain WG)
    With Special Focus on Impact of Quantum Computing on Crypto Assets

    The speaker will be sharing CSA Blockchain Working Group research papers on "Securing Crypto assets, can Blockchains survive the Quantum Computing Threat" & then extending conclusions of those papers to the Cryptocurrency Security Standard (CCSS) and showing how to effectively map the CCSS with the CSA's CCM 4.0 framework for Enterprise deployments of secure Crypto assets".
  • Introduction to the Cloud Controls Matrix v4.0 Oct 1 2021 9:30 am UTC 30 mins
    Lefteris SKOUTARIS (Program Manager, CSA)
    The presentation aims to provide a synopsis about the latest release of the Cloud Control Matrix version 4.0, a greater insight into its development and new components, the current activities of the CCM working group (ongoing works, published and future works) and finally an update on CSA’s STAR program and transition policy from CCMv3.0.1 to CCMv4.0.
  • Smart Vehicle Ecosystem - Security Challenges IoT Cloud & Mobility Oct 1 2021 8:45 am UTC 30 mins
    Dr. Lopa Muddra BASUU (APAC Research Advisory Council​ Member, CSA)
    IoT Cloud Convergence Elevated the Smart Vehicle Ecosystem boosted by Mobility. With enhanced experience, security challenges increased manifold. Striking a balance between risks & user experience became the most challenging ball game. Secure Cloud capabilities can be strategically used to address technology risks.
  • Establishing Cloud Audit Expertise Oct 1 2021 8:15 am UTC 15 mins
    Ekta MISHRA (APAC Membership Director & Country Manager - India)
    As the cloud becomes increasingly essential to organizational IT strategies, working knowledge of cloud security best practices is crucial. Cloud computing represents a radical departure from legacy IT which means that IT audits must be significantly altered to provide assurance to stakeholders that their cloud adoption is secure. Traditional IT audit education and certification programs are not developed with an understanding of cloud computing and its many nuances. Developed by CSA and ISACA, the Certificate of Cloud Auditing Knowledge (CCAK) credential and training program fills the need for vendor-neutral, technical training and credentials in cloud auditing. Learn how CCAK prepares you to address the unique challenges of auditing the cloud, ensuring the right controls for confidentiality, integrity and accessibility, and mitigating risks and costs of audit management and non-compliance.
  • Cloud Workplaces - Managing The Risks Oct 1 2021 7:15 am UTC 30 mins
    Keith PRABHU (Chairman, CSA Mumbai Chapter)
    ​While the Cloud has been gaining in adoption for the last decade, the pandemic challenges of the last 2 years has made the move to the Cloud inevitable. The last 2 years have seen massive adoption of Cloud, Mobile Computing and telecommuting. Organizations went into an overdrive to move workloads to the Cloud and equip the workforce with laptops and remote access. This trend will only continue and a hybrid working environment will develop. However, this hybrid environment has widespread ramifications on information security, privacy and business continuity. This hybrid working environment has increased the attack surface and has forced organizations to be more "elastic" yet secure in meeting security demands. New approaches are required to meet these new challenges in information security, privacy and business continuity. Organizations will have to embrace concepts of Zero Trust and Cloud Security Controls. The increasing focus on privacy would need more emphasis on implementation of privacy by design. Organizations will have to move to the more mature model of "resilience" rather than the current model "business continuity".
  • CSA Guidance on Mobile App Security Testing Oct 1 2021 6:30 am UTC 30 mins
    Parveen ARORA (Co-Founder & Director, VVnT Foundation)
    The advent of Mobile Apps, as a default and mandatory requirement, with every service has caused an explosion in usage of smart mobile devices. The use of mobile applications over cloud have surpassed websites as the avenue of choice when it comes to consuming services and hence the rise in mobile application testing services market (valued at USD 13.6 billion by 2026 growing at 20.32% CAGR during the forecast period 2019–2026). CSA aims to continuously improve and increase open-source security standards and thereby enhance mobile applications security. The Mobile Application Security Testing (MAST) whitepaper by CSA provides best practices for the security testing of mobile applications.

    ​This session covers its application approach to MAST landscape to overcome growing application security challenges.
  • Continuous Compliance in Cloud Oct 1 2021 5:45 am UTC 30 mins
    Raj SHASTRAKAR (Serverless Working Group Member, CSA)
    The presentation will cover how continuous compliance can be achieved in a multi-cloud environment, in near real-time. It will also cover the strategy on anti-drift pattern, mitigation at scale, and mitigation-as-code approach.
  • Securing IoT Ecosystem leveraging CSA's IoT Framework Oct 1 2021 5:15 am UTC 15 mins
    Renu BEDI (IT Security Manager, PwC)
    ​The internet of Things (IoT) brings increased connectivity to all industries and business markets, enabling a wide range of services for customers, stakeholders, and service providers. IoT security risks could result in loss of business or life. Device manufacturers and organizations can leverage CSA's IoT framework to reduce risk to an acceptable level by implementing end-to-end security controls. ​
  • Keynote : ​Cyber Resilience Oct 1 2021 4:30 am UTC 30 mins
    Praveen KULKARNI (Country Manager - Security Risk & Governance, Micro Focus)
    The cyber threat landscape is changing and evolving, the notion that enterprises are safe and that one needs to protect against future threats has changed to a position where enterprises could be at threat with adversaries in their midst. One needs to change to an adversarial mindset and adopt a security posture to be able to positively adapt within this context.
  • Keynote : Stepping Up the Security Journey Oct 1 2021 4:00 am UTC 15 mins
    Ramesh NARAYANSWAMY (CTO, Aditya Birla Capital)
    In this session we will discuss about the changing nature of digital transformation and how it is altering the thinking in the security landscape. It will cover the ways to integrate security at every step of development life cycle.
  • Welcome Remarks, Welcome Address & Opening Address Oct 1 2021 3:30 am UTC 15 mins
    Dr. Hing Yan LEE, Ekta MISHRA & Jim REAVIS
    Welcome Remarks
    ​Dr. Hing-Yan LEE (EVP APAC, CSA)

    Welcome Address
    Ekta MISHRA (Country Manager India, CSA)

    Opening Address
    Jim REAVIS (Co-Founder & CEO, CSA)
  • The Top Mistakes in Cloud Security and How to Avoid Them Sep 30 2021 4:00 pm UTC 60 mins
    Yaniv Bar-Dayan, CEO and Co-founder, Vulcan Cyber
    Gartner Research recently predicted that “through 2025, more than 99% of cloud breaches will have a root cause of customer misconfigurations or mistakes.” Now that we know where we should focus our efforts to secure the enterprise cloud services we use, we should be able to move quickly to address mistakes and mitigate risk. Right?

    It's never that easy. But if we understand where our cloud security weaknesses exist and if we effectively prioritize risk and mitigate self-induced vulnerabilities, we'll be way ahead of the game.

    Cloud security is almost never the cloud service provider's problem and the sooner we take responsibility for the security of our cloud application infrastructure, the quicker we can mitigate risk.

    Unfortunately, cyber security initiatives too often fall short of objectives to actually secure cloud infrastructure. Lots of scanning and configuration checks, but not a lot of mitigation and remediation. There are so many moving parts in modern cloud application infrastructure, with dozens of stakeholders, and a crush of vulnerabilities and misconfigurations that are growing exponentially.

    Join Yaniv Bar-Dayan, Vulcan Cyber co-founder and CEO, to learn from the top mistakes we've seen time and again in enterprise cloud security. Join us to learn about:

    • The top five mistakes in cloud security.
    • How to avoid these mistakes.
    • The latest native AWS, Azure, and Google Cloud security tools available today to help you enforce cyber hygiene across your multi-cloud surfaces.
  • How to Protect Your Cloud Environment from Supply Chain Attacks Sep 29 2021 5:00 pm UTC 60 mins
    Ami Luttwak Chief Technology Officer, Wiz
    Supply chain attacks are on the rise with high-profile breaches such as Mimecast and Kaseya changing the way we approach supply chain risk. Cloud environments are particularly exposed because cloud identities are complex and even innocent looking privileges requested by third-party vendors can lead to unexpected levels of access. Research from Wiz Labs recently found that 82% of companies unknowingly provide third-party vendors highly privileged roles in their cloud environment. In this session, we will explore supply chain risks in the cloud and how to mitigate them to harden your cloud environment against attack.
  • Discovering the DDoS Criminal's M.O. (and what stops them) Sep 28 2021 5:00 pm UTC 60 mins
    Matthew Andriani, MazeBolts CEO and Founder
    Presenting the crime scene investigation of today's sophisticated DDoS criminals. How the attacks are launched. Why aren't they getting detected and stopped in time? Why do companies with the best-of-breed mitigation still suffer DDoS attack damages?
  • Cloud-Native Attacks on Availability: How Ransomware Can Follow You to the Cloud Recorded: Sep 8 2021 59 mins
    Kat Traxler Senior Security Researcher and Joe Malenfant, VP of Product Marketing, Vectra AI
    The rapid shift to remote work in 2020 saw adoption of public cloud skyrocket. Organizations quickly saw the benefits of public cloud from SaaS based applications, to the agility that PaaS provides. While the pandemic dominated the headlines last year, 2021 will likely go down as the year of ransomware. While the economics of ransomware have been a proven, profitable business, the shift to the cloud opens new possibilities.

    Join security researcher Kat Traxler and Vectra AI VP of Product Marketing Joe Malenfant, as we step through a scenario using real-world examples on how criminal organizations are targeting cloud deployments and gaining initial access to cloud platforms. You’ll learn about:

    - The telltale signs of ransomware behavior before encryption
    - How ransomware can target IaaS environments, specifically against AWS
    - 4 ways attackers can compromise availability of S3
    - Strategies for threat detection and risk mitigation of your AWS environment
  • The Latest Threats, Techniques, Risks & Vulnerabilities in Cloud Environments Recorded: Sep 7 2021 60 mins
    Rob McLeod VP, Threat Response Unit (TRU), eSentire and George Gerchow, Chief Security Officer, Sumo Logic
    Join us for this webinar where eSentire and Sumo Logic threat intelligence experts will brief CSA members on cutting edge threat intelligence developed from threat reports and first-hand detections our threat hunting teams have encountered in cloud environments.

    This briefing will bring CSA members up to date on the latest threats, risks, and vulnerabilities in cloud environments.

    - We will share the top cloud threats and vulnerabilities eSentire is seeing as we respond to threats in customer environments and from the latest cloud threat reports.
    - We will review examples of critical cloud-specific event data, relevant types of indicators of compromise (IoCs), and adversarial tactics, techniques, and procedures (TTPs).
    - Our threat response unit will lead 2 real cloud threat detections we’ve responded to in the wild to demonstrate how our threat hunters search for compromised assets based on indicators, events generated on workloads and within the cloud environments, or communications with known malicious IP addresses and domains.
    - We will look at how the Sumo Logic research team tracks the threat landscape and enhances the detection of advanced threats and give better context to threat investigations in cloud and multi-cloud environments.

    Register today to be among the first to receive the latest eSentire Threat Intelligence Report Dissecting Today's Ransomware Ecosystem: Ransomware-As-A-Service, Targeted Intrusions and Opportunistic Attacks
  • Becoming a STAR Recorded: Sep 3 2021 36 mins
    Sanjeev GUPTA (Director, Certification Partners Global)
    This presentation will review what certification means, why is it the most important criterion for a business, sales. How does a Certification Program achieve this? And what are the costs, not just direct. How should an organisation begin this process, what to look out for, and what do you get at the end? We also review the differences of the CSA STAR with other Cloud Security programs.
  • Hybrid Cloud and Its Associated Risks Recorded: Sep 3 2021 37 mins
    Narudom ROONSIRIWONG (Co-chair, CSA Hybrid Cloud Security Working Group)
    As businesses are developing rapidly, many cloud consumers find that a single public/private cloud or traditional on-premises data center is no longer able to meet service requirements. Organizations are increasingly choosing hybrid cloud environments and services to meet their needs. However, hybrid clouds pose different risks and thus bring on a different set of challenges to security.This presentation will provide the overview of Hybrid Cloud, demonstrate its risk
Educational series on cloud computing, security and privacy.
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Defending your Cloud with MITRE D3FEND
  • Live at: Aug 12 2021 6:00 pm
  • Presented by: Dr. Neil Daswani, Co-Director of the Stanford Advanced Cybersecurity Program and Dr. Saumitra Das, CTO Founder, Blue Hexagon
  • From:
Your email has been sent.
or close