Discovering the DDoS Criminal's M.O. (and what stops them)
Presenting the crime scene investigation of today's sophisticated DDoS criminals. How the attacks are launched. Why aren't they getting detected and stopped in time? Why do companies with the best-of-breed mitigation still suffer DDoS attack damages?
Recorded Sep 28 2021, 46 mins
Josh Stella, CEO and Co-Founder, Fugue, and Rajat Sharma, Co-Founder, CWS
Security has become the rate-limiting factor for how fast software development teams can go in the cloud. Security reviews, remediations, and audits soak up valuable engineering resources and steal away the speed and agility that the cloud promises.
That's because cloud security is still laden with inefficient and ineffective manual processes. But with automation using Policy as Code, enterprises can create a security-first culture that collapses the time and investment required to deliver secure infrastructure and applications much faster.
In this session, Josh Stella (Founder, Fugue) and Rajat Sharma (Founder, CWS) will outline why cloud security isn't the same as datacenter security—it's about tuning your processes with policy-based automation rather than intrusion detection or network monitoring.
Attendees will walk away with actionable insights and strategies on:
* Assessing your current cloud security posture and developing a prioritized roadmap to bring your environment into compliance
* Implementing automation using Policy as Code to build security into every aspect of cloud operations, from design to production
* Empowering developers with tools that help them find and fix issues in infrastructure as code, when making changes is easier and faster
* Putting guardrails in place that prevent dangerous misconfiguration vulnerabilities without slowing anyone down
* Creating security awareness within your cloud engineering team to avoid costly technical debt and significant remediations
If it takes your organization months to deploy new environments and weeks to update them because of security, this session is for you.
David Higgins, EMEA Technical Director, and Chris Maroun, Senior Director, Global Technology Office, CyberArk
Modern organizations face an exponentially complex identity landscape – cloud migrations, remote work, and rapidly evolving security and compliance philosophies are creating a proliferation of identities across on-premises and multi-cloud environments.
Standardization is the key to security at scale. By unifying Identity Security controls across siloed environments and risk boundaries, organizations can establish equally dynamic security processes that scale and continuously improve to meet the complex needs of their end users.
Join the Directors of CyberArk’s Global Technology Office, David Higgins and Chris Maroun, for a discussion on establishing consistent controls at enterprise scale.
Key topics will include:
● Reducing risk of data loss and leakage
● Standardizing and securing access for all hybrid and multi-cloud identities
● Least privilege access and Just-in-Time workflows
● Simplifying secrets management and secure application development
● Monitoring and auditing cloud operations.
Ricson Singson QUE (VP, Education, CSA Philippines Chapter)
Timothy Grance (NIST) shared that no hybrid cloud existed when he co-authored the landmark NIST definition of different clouds. He never expected hybrid clouds to become so pervasive and popular. This panel of experts will endeavor to address the following issues: What are the differences between hybrid and multi clouds? What are the risks in a hybrid cloud environment compared to on-prem, and how does one go about mitigating each of these risks? How does one assess the effectiveness of these mitigation measures? And finally, how would these mitigation measures benefit organizations/businesses?
Feng ZOU (Director, Cybersecurity Planning and Compliance, Huawei & Co-chair, Hybrid Cloud Security WG, CSA)
Hybrid clouds are often the starting point for organizations in their cloud journey. However, any cloud model consists of risks, threats, and vulnerabilities. Earlier this year, the Hybrid Cloud Security Working Group examined hybrid cloud model risks, threats, and vulnerabilities in its Hybrid Clouds and Its Associated Risks white paper. However, after this review of risks, threats, and vulnerabilities, it’s critical to identify adequate mitigation controls. This presentation will cover countermeasures organizations can implement to improve hybrid cloud risk management and cybersecurity practices.
The presentation aims to provide a synopsis about the latest release of the Cloud Control Matrix version 4.0, a greater insight into its development and new components, the current activities of the CCM working group (ongoing works, published and future works) and finally an update on CSA’s STAR program and transition policy from CCMv3.0.1 to CCMv4.0.
As organizations migrate to the cloud, they need information security professionals who are cloud-savvy. The Certificate of Cloud Security Knowledge (CCSK) is widely recognized as the standard of expertise and provides an individual with the foundation they need to secure data in the cloud. Learn how CCSK can bridge the gap and provide an important first step in establishing baseline knowledge for individuals in cloud security.
For many people, Zero Trust spells the end of an era – the end of the perimeter defence. McKinnon said: "It’s a failure of the paradigm that you can have a gate and castle wall and everything on the inside is fine".
With the new normal continuously taking shape, organizations are moving rapidly to migrate to the cloud to achieve business agility and resilience. However, cloud migration and cybersecurity are efforts taken separately. Thus, a shift left approach to secure applications is crucial to implement security measures during the entire development lifecycle. Shifting security left aims to adopt the principles of security by design with security best practices built in, and to detect and address security issues and vulnerabilities as early as the initial stages of the development cycle.
As organizations increasingly pursue cloud or multi-cloud strategies, they face the challenge of achieving consistent security controls across each cloud platform’s distinct entitlements paradigm. Additionally, the rapid increase in the number and complexity of identities organizations must manage as they expand in the cloud lends extra urgency to securing access. In this session, we will dive into cloud identities and how securing them can help organizations achieve cloud security.
Prof. Ryan KO (Chair & Director, UQ Cyber Security, University of Queensland, Australia)
At the heart of all cyber and cloud security attribution challenges is the problem of data provenance tracking and its reconstruction. In this talk, I will cover past, present and developing provenance research in computer science, and cover its relation and usefulness to accountability, traceability, trust, forensics and proactive cloud and cyber security. It will feature some of the cloud data provenance research I have conducted in the past decade, discuss unsolved (or seemingly unsolvable) problems, and discuss some of the recent developments in academia, industry, and international standards.
Michael Covington, VP of Product Strategy, Wandera
Now that we’ve settled into the rhythm of remote working, companies need to transition from the bootstrapped survival plans that were implemented back in 2020 to mature(r) remote working strategies.
The early gripes of remote working such as an improper desk setup, disconnect after disconnect from the corporate VPN or multiple 2FA prompts throughout the day may have been tolerable initially, but cannot persist in the long term.
IT teams are now charged with provisioning technologies to eliminate productivity drain and enable employees to work effectively wherever they are. While business growth hinges on employee productivity, IT professionals will undoubtedly be mindful of the security-usability tradeoff.
Users need to be granted an appropriate level of access without making authentication arduous. Devices need to be thoroughly analyzed for threats and vulnerabilities regardless of ownership and management status. Access to corporate applications needs to be brokered whether hosted on-premise or in the cloud.
In our upcoming session, we’ll discuss how to balance security and usability in the context of remote working:
Usability: employees shouldn’t have to worry about how they’re going to get their work done; it should be as simple as flipping open a laptop and logging on. We’ll discuss how an SDP can eliminate the productivity problems associated with remote working without compromising security.
Performance: an architecture that scales and adapts to the growing needs of your business is important for manageability. We’ll go over how an SDP reduces the management burden of traditional access technologies while eliminating the need to adopt point solutions to deal with niche security use cases.
Privacy: employees are more mindful of the blur between work and personal lives, mainly because there hasn’t been a division for the past two years. How can IT teams overcome the privacy concerns of employees while making sure that they have the needed observability?
Harrison Parker, Senior Solutions Architect, Siemplify
As security operations teams manage rapidly evolving and increasingly complex cloud infrastructures, there is more need than ever to reduce an organization's attack surface, increase speed and reliability by automating as many processes as possible, and bridge the gap between on-premise and cloud security.
Security orchestration, automation and response (SOAR) platforms can help streamline detection and response workflows with repeatable and custom dynamic playbooks for a litany of cloud-related security alerts.
In this webinar, we'll cover how you can easily address the following cloud security use cases, including:
- Automatically respond to compromised developer breaches and data exfiltration on multi-cloud applications.
- Detect and remediate hybrid malware via novel file synchronization attack vectors.
- Systematically investigate and patch cloud vulnerabilities and misconfigurations.
Izak Mutlu, former CISO, Salesforce and Arnaud Treps, CISO, Odaseva
Despite increased calls to action from cloud experts, many IT leaders still believe SaaS data security is not their responsibility. A recent study by analyst firm ESG found that more than ⅓ of IT leaders rely solely on SaaS applications to protect data. Meanwhile, security threats are becoming bolder and more advanced, also targeting SaaS applications. While SaaS vendors' security efforts actually relieve customers of some concerns, a SaaS data security program remains a must-have to avoid security breaches that could result from user errors, misconfigurations, technical issues, bugs in custom code or even an advanced attack on the SaaS vendor itself.
But first, you need buy-in from Security, IT, Legal & Compliance stakeholders. This webinar will feature SaaS data security experts Izak Mutlu, former CISO of Salesforce, and Arnaud Treps, CISO of Odaseva, breaking down key considerations security professionals can use to reinforce the need for SaaS security with their colleagues.
Join this webinar to learn about the top considerations to get buy-in for a SaaS data security program which include:
- Why typical SaaS security controls like MFA are not silver bullets
- Why SaaS platforms are the ideal target for motivated hackers
- Why SaaS data is much harder to restore in the event of a data loss
- Why customers remain accountable for regulatory compliance
Justin Somaini, Chief Security Officer, Unity, and Adam Gavish, CEO, DoControl
Organizations use SaaS apps to drive business enablement across all departments and the workforce. Collaboration with 3rd party vendors, customers, and partners over SaaS data is the new normal - and we just love it when things get done quickly, right?
This poses two threats for security practitioners:
1. Insider threats
• Departing employees share SaaS data with their personal accounts, which not only exfiltrates company data but also poses extra risk, since personal accounts in most cases don’t have multi-factor authentication set up
• Employees overexpose sensitive data internally (finance and engineering can consume each other’s information)
• Sensitive data is being shared with the wrong 3rd party
2. External threats
• 3rd party collaborators have access to your company data forever
• Your vendors share your company data with their vendors, who have never gone through a 3rd party risk assessment by you
• 3rd party collaborators share your company data with their personal accounts, which in most cases don’t have multi-factor authentication set up
This is a candid discussion on the threat models above and beyond. Our goal is to raise awareness on what’s going on as well as suggest industry best practices and “war stories” so that you will walk away with better knowledge and tools to remediate such risks in your organization.
Jason Hicks, Coalfire, Jerome Bell, IBM Cloud, James Carder, LogRhythm, and Elad Yoran, Cloud Security Alliance
As companies shift their people, processes, and technologies into the digital age, cybersecurity strategy is sometimes an afterthought instead of an integrated part of planning. In fact, a recent survey of C-level executives* showed that nearly one-third of security controls and management are still siloed from a functionality standpoint.
At the organizational level, this siloing can result in policy decisions that fail to address critical security gaps within a strategic plan, resulting in an increase in time and resources dedicated to retroactively addressing these gaps. Transformation can also mean disruption to teams, exposing skill gaps that hamper progress.
This panel discussion features seasoned cyber executives who will share their lessons learned and best practices for harnessing cyber strategy to improve the digital transformation journey.
• The top challenges when aligning security strategy to cloud migration and other digital transformation steps.
• Best practices throughout the digital transformation journey, including:
o Creating efficiencies in a hybrid environment.
o Getting into a DevSecOps mindset from the start.
o Securing Board and leadership buy-in on cybersecurity strategy.
• How best to transition your team to minimize disruption and staff turnover.
• How to message the business value of the transformation to the Board and other key stakeholders.
• How to effectively monitor your new environment and proactively respond in a cloud-forward way.
* Survey sponsored by Coalfire and completed by Dark Reading.
Guy Peer, VP R&D & Co-Founder, Unbound Security, Dr. Jurlind Budurushi, Cloudical, and Dominik Pickhardt, White & Case
White & Case is an international law firm with locations that expand across 3 continents, in support of multinational and multi-global organizations. Cloudical is at the forefront of cloudification and helps organizations conceptualize, create and utilize cloud-based applications to scale their businesses via the adoption of cutting-edge technology and processes. Unbound Security enables organizations to adopt modern cryptographic technology that mitigates risk and centralizes encryption key management. Join these three innovative companies on a virtual case study of the challenges that organizations face today when needing to leverage existing infrastructure, achieve FIPS 140-2 Level 2 validation, while securely accelerating their business via virtualization.
During the Virtual Case Study, you will learn:
- What challenges did White & Case aim to address in respect to the data that they are encrypting, sharing, decrypting and storing
- Why they are shifting to the cloud and the impact it has had on their existing cryptographic infrastructure
- Can enterprises be future-ready and still leverage their existing, on-premise investments
- Why is centralized management of cryptographic key material so critical for organizations that have sensitive data on-premise, hybrid or in one to multiple clouds?
- What are the 5 critical factors any enterprise should consider when driving a cloud first cryptographic initiative?
John Steven, Chief Technology Officer, Concourse Labs
Security, Cloud, Operations, and Product/Development groups are all building out their versions of the next cloud platform and governance controls. As each considers overlapping approaches including automated enforcement, shift left, and other posture management approaches one question dominates: "How can security keep pace with delivery?"
Expect insight on how to:
- Create security as code (SAC);
- Integrate SAC into existing software delivery and governance lifecycles;
- Evolve from 'guardrails' to preventative controls; and
- Navigate follow-on action from monitoring and drift detection activities.
Join John Steven, Concourse Labs CTO and co-author of the BSIMM study, as he shares his hands-on experience implementing security-as-code architectures and demonstrates best practices for developing security policy and controls, to automate DevSecOps and runtime cloud security.
Educational series on cloud computing, security and privacy.
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and the latest research. Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on Twitter: @cloudsa