Today’s attackers have become cloud security experts, abusing cloud APIs to deploy ransomware, mine cryptocurrency, or steal data. Andre Rall, former Head of Account Takeover for AWS Fraud Prevention, has seen it happen first hand and has some surprising stories to share.
Join a lively conversation with Rall, now Director of Cloud Security at Uptycs, as we dive into:
• The different types of data that AWS makes available to cloud security practitioners
• Why the reconnaissance phase of a cloud attack is where you should prioritize detection efforts
• How attackers abuse the AWS API to perform discovery, privilege escalation, and data exfiltration
• Offer advice on how organizations can defend their AWS estates from sophisticated threat actors