Catching Cloud Misconfigurations in Code Before They Manifest as Security Risks

Logo
Presented by

Yoni Leitersdorf, CEO & Founder, Indeni

About this talk

A recent study suggests that misconfiguration is the number one risk to cloud environments in 2021. With infrastructure-as-code (IaC), we have the opportunity to catch security issues within the CI/CD before they manifest themselves in the cloud. In this talk, we will dive into techniques for IaC threat modeling. This includes static and dynamic analyses that can prevent supply chain attacks due to overly permissive IAM roles, exposing sensitive data inadvertently, detect privilege escalation, drift, etc. We will also describe the various stages of implementing IaC security automation.

Related topics:

More from this channel

Upcoming talks (32)
On-demand talks (666)
Subscribers (44873)
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa