When the headline reads “Company suffers cloud data breach due to misconfigured server,” recognize that this is only a small part of the story. What’s missing is the series of moves the attacker executed to achieve their ultimate goal, because the data they’re after rarely resides on the initial “misconfigured server”. Failing to understand how attackers operate in the cloud causes teams to focus too much on the wrong things and develop a false sense of security.
In this session, Snyk chief architect Josh Stella will explain how nearly every major cloud breach goes down, and why cloud security keeps failing even the most sophisticated teams and organizations. He’ll walk through how attackers are not only exploiting individual resource misconfigurations, but also architectural design vulnerabilities that enable them to compromise the cloud API control plane in order to discover and extract data without detection.
Josh will lay out a five-point approach for addressing these modern cloud attacks: 1) know your environment; 2) focus on prevention; 3) Empower your developers; 4) automate with policy as code; and 5) measure what matters.
You’ll walk away from this session with a better understanding of cloud threats and a systematic strategy for addressing them.