Name: A Tacky Graph and Listless Defenders: Looking Beneath the Attack Surface
Start: 2022-09-13T19:00:00Z
End: 2022-09-13T19:00:49.000Z
Location: BrightTALK
Rating: 4.7

CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org.  Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa

The AT&T Cybersecurity Insights Report is an annual thought-leadership report based on a global survey of over 1,400 IT, security, networking, development, and line of business professionals across seven industries. The research is vendor-neutral, forward-looking, and actionable.

The journey to edge is a collaborative endeavor that begins to erode organizational silos and foster closer working relationships. The right edge ecosystem partners bolster resilience and security – critical elements of edge computing solutions, especially as the attack surface expands.

The AT&T Cybersecurity InsightsTM Report: Edge Ecosystem examines how organizations are changing to support edge, why planning for the edge takes an ecosystem of partners, why investing in edge use cases drives competitive differentiation.

The discussion provides insight into:
• What the business drivers are for edge use cases
• Where edge use cases are being deployed
• How budgets are shifting to support edge

2023 AT&T Cybersecurity Insights Report: Edge Ecosystem

Mergers and Acquisitions (M&A) are increasingly encountering a reality that a significant proportion of either the merged or acquired entity is constituted by a virtual, Software-as-a-Service (SaaS) footprint. The SaaS-fication of business includes many of the core business processes and proprietary data, with large enterprises having hundreds or thousands of SaaS apps deployed. 

Until recently, observability into the SaaS estate has been limited, the equivalent to buying a house sight unseen. This is because existing cloud security solutions such as Cloud Access Security Brokers (CASBs) are unable to provide insight to the SaaS app configuration and permission settings, including SaaS-to-SaaS connections. Only by leveraging a SaaS Security Posture Management (SSPM) solution can security and risk leaders effectively perform the necessary SaaS cybersecurity due diligence to understand and manage the cyber risks associated with the M&A process. 

A SSPM solution provides SaaS cyber risk observability from a single pane of glass, effectively shining a light onto current and potential future state SaaS cyber risks, including over-permissioned end-users and exposed sensitive data.

Boost your M&A Program with SSPM

We all know the cloud brings speed and automation to the business, but the speed of cloud attacks is staggering. New data shows how your cloud can be owned in the amount of time it takes to brew your fancy pour-over coffee. 

In this webinar we’ll unpack the latest cloud attacks and share real stories of organizations that evolved their defense to prevent, detect, and respond at the speed of cloud. Spoiler alert: your CSPM ain’t gonna cut it. 

Smash that register button if you’re curious about: 

• How you can reduce vuln noise by up to 95%
• How runtime insights make CSPM better
• How to reconcile all these acronyms into a coherent cloud security strategy (CNAPP, CSPM, CWPP oh my!)

Beyond CSPM: Mastering Cloud Defense in the Age of Rapid Attacks

In the current state of SaaS cybersecurity, there’s a disconnect between security practitioners’ perceptions of their SaaS cybersecurity maturity and the actual reality. A majority feel overconfident in their SaaS cybersecurity strategies, but our findings paint a different picture, revealing that organizations aren’t effectively managing SaaS cybersecurity risk at scale as much as they perceive.

From our survey of over 600 security practitioners for our report, we learned that 79% of organizations suffered a SaaS cybersecurity incident in the last year. We find that one of the key challenges organizations face is obtaining risk visibility into their SaaS attack surface. But we see a silver lining: Organizations are aware of risks posed by unsecured SaaS and are now prioritizing SaaS cybersecurity as a top 3 initiative.

In this webinar, presented by AppOmni, we will discuss:

The latest trends and findings from The State of SaaS Cybersecurity Posture 2023 Report
• How to gain actionable end-user-centric insights
• Actions to take to reduce your SaaS attack surface

CISOs Overestimate SaaS Cybersecurity Posture — How to Secure Your SaaS Data

Everyone’s talking about artificial intelligence (AI) and machine learning, but how will this impact cloud security? And why is AI such an indispensable tool in the security practitioner’s arsenal?

Invite your customers to tune in as Michael Vaughn, Director of Product Management at AT&T Cybersecurity, discusses the advantages to the SOC of AI-powered threat detection and response and describes how machine learning is being used to help organizations secure their data in the cloud.

How SOC Teams Use Next-Generation AI to Improve Cloud Detection and Response

We’ve all seen it before. Your team needs access to that resource or tool just to do your job or hit that deadline. But you’re stopped in your tracks because it taking too long to jump through security hoops.

Or, maybe your existing access management processes haven't been rolled out to your cloud resources because your PAM can't support it—leaving you with a lot more risk than you'd like. Your team is productive but there's always a worry about breached credentials or keys.

This is the access, productivity, and security vicious cycle.

It’s time to break the cycle—and it all starts with simplifying access. Join this session to learn how simplifying cloud access can reduce friction and improve productivity, all while continuing to ensure that security standards are met.

How Fixing Cloud Access Improves Security and Productivity

AI has powerful transformative potential for the cloud, but with great power comes great responsibility- and big implications. Join SentinelOne as we discuss generative AI at large, and how these tools are impacting the cloud security community.

This webinar will examine:
• The breadth and specialities of generative AI tools including ChatGPT, AutoGPT, and Baby AGI
• How AI automation streamlines routine tasks and enables data analysis at scale
• How these applications lead to improved user experiences and the emergence of new services and business models
• Potential risks posed by AI attacks, and how we can counter with the evolving field of AI defenses

Amidst advancements in generative AI tools, the importance of the human element in shaping AI systems remains critical. Cloud security professionals must embrace the future and learn the ins and outs of the generative AI landscape to safeguard their organizations.

Artificial Intelligence in Cloud Security: Harnessing for Good

Join us for an insightful webinar that delves into the cutting-edge concept of Cloud Native Application Protection Platform (CNAPP) and its remarkable value proposition.

In this webinar, we will explore how CNAPP differs from previous point solutions, offering unparalleled benefits such as shared visibility, reduced management costs, robust code to cloud protection, vendor consolidation, and decreased total cost of ownership. Drawing on industry research, we will discuss the increasing adoption of CNAPP among practitioners, as highlighted by Gartner studies and valuable data from the Cloud Security Alliance (CSA).

Furthermore, we will uncover the challenges associated with CNAPP, with a specific focus on visibility, prioritization, and the effective implementation of DevOps security practices. Discover how the Cloud Security Alliance has been actively championing best practices in DevOps security, aiming to overcome hurdles and ensure a secure cloud environment.

An essential aspect of modern cloud security is leveraging artificial intelligence (AI) innovations. We will explore how AI-driven solutions, including Microsoft's revolutionary copilot, contribute to bolstering threat detection and response capabilities, empowering organizations with proactive and efficient security measures.

Join us as we shed light on the critical role of zero-trust technologies in Cloud Identity and Access Management (CIEM) and network security. Gain valuable insights into Microsoft's perspective on CNAPP and its seamless alignment with customer needs, backed by real-life customer stories that resonate with the challenges identified through surveys.

Catch Up on Cloud Native Application Protection Platforms (CNAPPs)

The rapid pace of the cloud introduces a growing attack surface spanning multiple clouds, multiple architectures (containers, serverless, and VMs), and thousands of cloud technologies. Join us as we look deeper into common cloud attack paths from initial access to internal exposure and isolation breakout. This session will cover strategies for how organizations can approach prevention, including a playbook for how security and development teams can control risks together across the pipeline.

From CSPM to CNAPP: Defining a New Operating Model for Cloud Security

Industry analysts estimate that 99% of cloud data breaches will be traced back to preventable misconfigurations made by end-users. Yet companies are disproportionately allocating resources to secure the public cloud infrastructure instead of SaaS, which is the number one way organizations consume cloud.

Modern enterprises today leverage 50 or more SaaS apps. With countless configuration changes and fast release cycles, manual security management is a near-impossible task. The lack of visibility over apps makes them appear secure on the surface, but the underlying data schema may be leaking sensitive data.

SaaS Security Posture Management solutions (or SSPM) enables visibility into configuration and data exposure risk across an entire SaaS estate by providing a universal control plane. It’s only after accurately observing and quantifying cyber risks in SaaS can organizations take the necessary steps to address them at scale. 

In this webinar with AppOmni and Accenture, you’ll learn:
• What makes SaaS clouds different
• Why approaches and tooling that work for “traditional” cloud (IaaS and PaaS) security are inapplicable and insufficient to address SaaS security requirements at scale
• What to look for in SaaS that demands additional security measures
• Best practices in SaaS security configuration and monitoring
• Key approaches to build and operationalize a SaaS security program

Securing SaaS: The Missing Component of Cloud Security

While cloud technology is not new, and many organizations have been on their cloud journey for years, cloud service providers continue evolving with new features and services. 

The fast change and growth make it difficult for many organizations to catch up and inadvertently introduce security weaknesses. 

Join our webinar as we talk through this year’s results of the Unit 42™ Cloud Threat Report!

Our experts offer insights into the most common drivers of cloud incidents and breaches today, giving security leaders and practitioners a comprehensive view of cloud security threats. These findings should enable leaders to understand the greatest risks to their cloud environment and how to manage them most effectively.

The topics we surveyed:
• Cloud breach incidents of fortune medium and large-size companies.
• Cloud threat actors.
• Complications in the cloud.
• Impacts and risks of open-source software in the cloud.

Unit 42™ Cloud Threat Report

While Zero Trust has become an industry slogan among security advocates, it also has been diluted by being associated to specific solutions and technologies.

Let’s move beyond the buzz word and beyond the diatribe of repeated messages that fall short in providing a clear and concise message. For security practitioners who strongly advocate for ZT, we are going to provide practical and actionable steps on your journey to implementing ZT within your environment and realize value for your organization

During this session we’ll cover: 
• Why Identity is the control plane
• First step to establish ZTNA - verify Identity
• Central for Zero Standing Privilege and Least Privilege
• Identity carries across the Zero Trust pillars — network, data, app, device

Deliver Value and Security through Zero Trust

Join FireMon’s Cloud Security leader Rich Mogull, as he presents his latest research findings on the top cloud attacks and how to detect and respond to them. Sure, there are plenty of potential fancy cloud attacks, but the reality is the vast majority follow the same repeatable patterns. Rich will show attendees how to build an effective monitoring and detection infrastructure, the importance of including real-time misconfiguration monitoring, the top 5 current attack patterns, and how to build proper threat detectors. This session will be loaded with examples to help you dramatically improve your cloud incident response capabilities.

Real World Cloud Incident Response

The CSA, NIST, Weaver, and CSA volunteers have teamed together to map the NIST CSF subcategories to the CSA’s CCM controls. During the webcast, we will introduce attendees to the mapping and discuss in detail a few select controls to illustrate how they can leverage the mapping in their environment. We will discuss how the mapping can support specific use cases, and how it can be leveraged to enhance the security posture of cloud service customers as well as providers.

We will briefly discuss the history and purpose of both the CSA Cloud Controls Matrix and the NIST’s Cybersecurity Framework, and their respective benefits to demonstrate how a mapping of the two builds upon their respective strengths.

Finally, we will touch upon the methodology used for the mapping, and the layers of review performed by CSA volunteers, NIST, Weaver, and CSA that contributed to the overall quality control and consistency of the mapping. 

At the end of the web cast, attendees will:
• Understand how to leverage the mapping to demonstrate that their implementation of CCM controls attain security outcomes of the CSF;
• Understand the methodology followed to ensure the reliability of the mapping
• Walk away with use cases and next steps that can be customized to their environment.

The NIST CSF to CSA CCM Mapping – A Primer

Cloud migration has revolutionized the way we work with databases, But the cloud provider’s changes to popular database engines have created new attack vectors. Our presentation will explore the evolving database attack landscape in the cloud, showcasing a case study of a critical CloudSQL (GCP) vulnerability we recently found and advanced lateral movement and PE techniques.

The Dark Side of Cloud-Based Database Engines

Explore how Confidential Computing revolutionizes secrets management for organizations undergoing cloud-based digital transformations. Hybrid architectures often strain legacy backend components like HSMs and key management systems, which must move to the cloud to scale. Learn how Confidential Computing solves these challenges, enabling effective secrets management practices. 

Join us as we explore: 
• The challenges of leveraging the cloud for digital transformations while relying on HSMs for secrets management. 
• Architectural design patterns that address these challenges and enhance secrets management practices. 
• The application of Confidential Computing to secure these design patterns, ensuring scalable and auditable security.

Making Secrets Management Scalable and Auditable with Confidential Computing

Cloud Workload Protection Platforms (CWPP) must provide real-time detection and response if they are to be effective in defending against machine-speed ransomware attacks in the cloud. When coupled with Cloud Native Application Protection Platforms (CNAPP), cloud-enabled businesses can experience comprehensive cloud security without throttling innovation. 

Join SentinelOne as we speak plainly about cloud defense in depth. From build time to runtime, we will discuss the complementary roles of agentless and agent-based security layers. We will cover the responsibilities of both CNAPP and CWPP, examine a cloud ransomware incident, and share insights to help organizations accelerate innovation while operating securely in the cloud.

The Role of CWPP in a CNAPP World

John Lambert is well known for his quote, "Defenders think in lists. Attackers think in graphs. As long as this is true, attackers win." 

But is this always true? Based on new research leveraging data across 1,300 organizations, we discovered areas where it is appropriate to continue using lists and other areas where graphs are more helpful to defenders. 

This presentation will examine various types of attack surfaces and attack paths to determine the type of techniques (e.g., lists vs graphs) and controls (e.g., bounded vs unbounded) that are potentially most useful for defenders.

We will also examine how different architectural designs might affect these attack surfaces and paths and how the principles of the D.I.E. Triad (distributed, immutable, ephemeral) influence the size of the attack surfaces and the depths of the paths that are underneath that surface.

A Tacky Graph and Listless Defenders: Looking Beneath the Attack Surface

BrightTALK

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

A Tacky Graph and Listless Defenders: Looking Beneath the Attack Surface

Presented by

About this talk

More from this channel