Hi [[ session.user.profile.firstName ]]

Privilege Escalation Attacks in AWS: How They Work, How To Stop Them

AWS, like every advanced cloud platform, has well-known security flaws that can lead to catastrophic problems if you are not paying careful attention. One of the most dangerous allows innocuous accounts usually granted to developers to be given admin access. Such attacks work because a sequence of seemingly unimportant missteps in configuring different parts of AWS allows the escalation to occur. This webinar will show how these attacks work and how to be diligent about monitoring to make sure such attacks never succeed on your watch.

This webinar will cover:

The general nature of escalation attacks
* How AWS is specifically vulnerable
* What to do to monitor for mistakes that make these escalation attacks possible
* How to use Sonrai Security to automate such monitoring
Recorded Jan 28 2020 58 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Sandy Bird, CTO and Co-founder, Sonrai Security & Dan Woods, Principal Analyst, Early Adopter Research
Presentation preview: Privilege Escalation Attacks in AWS: How They Work, How To Stop Them
  • Channel
  • Channel profile
  • Managing Non-people Identities in AWS and Azure Feb 20 2020 7:00 pm UTC 60 mins
    Sandy Bird, CTO and Co-founder, Sonrai Security & Dan Woods, Principal Analyst, Early Adopter Research
    Cloud-native application development and DevOps has led to an explosion of what are called non-people identities. Non-people identities (servers, VMs, serverless, applications, etc.) can be created manually and automatically, and like identities used for people, they can be the targets for security attacks. The methods and strategies for creating a workable and effective governance program for these identities are just beginning to be understood. In this webinar,, Dan Woods, Principal Analyst at Early Adopter Research, and Sandy Bird, CTO of Sonrai Security, will look at the common mistakes made when managing non-people identities in AWS and Azure that lead to security vulnerabilities and the governance and management techniques needed to keep such identities safe. Topics covered:

    * Forces driving the explosion of non-people identities
    * Specific problems that occur in AWS and Azure
    * Security threats that often occur from mismanaged non-people identities
    * Governance and management to solve common problems in AWS, Azure, and across all clouds
  • Privilege Escalation Attacks in AWS: How They Work, How To Stop Them Recorded: Jan 28 2020 58 mins
    Sandy Bird, CTO and Co-founder, Sonrai Security & Dan Woods, Principal Analyst, Early Adopter Research
    AWS, like every advanced cloud platform, has well-known security flaws that can lead to catastrophic problems if you are not paying careful attention. One of the most dangerous allows innocuous accounts usually granted to developers to be given admin access. Such attacks work because a sequence of seemingly unimportant missteps in configuring different parts of AWS allows the escalation to occur. This webinar will show how these attacks work and how to be diligent about monitoring to make sure such attacks never succeed on your watch.

    This webinar will cover:

    The general nature of escalation attacks
    * How AWS is specifically vulnerable
    * What to do to monitor for mistakes that make these escalation attacks possible
    * How to use Sonrai Security to automate such monitoring
  • How Public Cloud Changes Cybersecurity for the Better Recorded: Dec 17 2019 56 mins
    Sandy Bird, CTO and Co-founder, Sonrai Security & Dan Woods, Principal Analyst, Early Adopter Research
    While many basic security controls are enduring, public cloud (AWS, Azure, and Google Cloud) has introduced a wave of new practices, tactics, and forms of automation to implement those controls. In total, these capabilities are going to make cloud security better than on-premise methods. The elasticity and scale of public cloud has led to more integrations of cybersecurity in the creation of computing assets. The abundant data available has led to new forms of automated configuration and monitoring for breaches. Software-defined everything and APIs have given cybersecurity systems a wider range of power and opened the way for declarative methods of implementing security in the cloud. In this webinar, Dan Woods, Principal Analyst at Early Adopter Research, and Sandy Bird, CTO of Sonrai Security, will look at how public cloud is changing cybersecurity for the better and the long term impact of these new capabilities. One key impact is that soon on-prem data centers will be recognized as less secure than cloud data centers.

    Key questions:
    * What are the core differences between cloud security and on-premise methods?
    * How has abundant data opened up new possibilities for monitoring and automation?
    * What is the impact of software-defined infrastructure?
    * Why is identity central to security in public cloud?
    * How has public cloud security broken new ground in managing complexity?
    * What new forms of automation of security are emerging in the cloud?
    * Are AI and ML being implemented faster in the cloud?
  • Anatomy of 5 Notorious Cloud Data Breaches Recorded: Nov 20 2019 56 mins
    Sandy Bird, CTO and Co-founder, Sonrai Security & Dan Woods, Principal Analyst, Early Adopter Research
    Cloud data breaches follow distinct patterns that can be studied and learned from. In this webinar, Dan Woods, Principal Analyst at Early Adopter Research, and Sandy Bird, CTO of Sonrai Security, dissect five notorious and distinct types of cloud data breaches, breaking down how each was caused and how they could have been prevented. Each of these five is an archetype of a family of breaches. This webinar will detail the anatomy of each type of breach, what we can learn, what allowed the breach to happen, and preventative measures.

    Breakdown of the 5 breaches:

    * Identity and authentication for data storage
    * Public cloud misconfiguration
    * Key and secret management
    * Overprivilege
    * Insider threats
  • Comparing Public Cloud Security Across AWS, Azure, and GCP: Lessons for Security Recorded: Oct 24 2019 61 mins
    Sandy Bird, CTO and Co-founder, Sonrai Security & Dan Woods, Principal Analyst, Early Adopter Research
    The cybersecurity infrastructure for each of the major public clouds is a work in progress. But for all of them, it has become obvious that identity and data access is effectively the new perimeter. By examining what is the same and what is different about each public cloud’s identity and access management mechanisms, Dan Woods, Principal Analyst at Early Adopter Research, and Sandy Bird, CTO of Sonrai Security, explain how the shift to public cloud is changing the rules for security. We identify the different principles each public cloud vendor is using as well as the different approaches to account organization and how resources are protected.


    Questions:
    -Why are identity and data access the new perimeter?

    -Why has zero-trust become the default organizing principle for cloud security?

    -What are the crucial requirements for cloud data security?

    -How are these requirements implemented in each cloud?

    -What are the differences in security practices between AWS, Azure, and Google Cloud?

    -What burdens does the new cloud model put upon cloud users?

    -What goes wrong when these burdens are not properly managed?
  • Identities Are The New Perimeter For Securing Data In Public Cloud Recorded: Sep 30 2019 34 mins
    Sandy Bird, CTO and Co-founder, Sonrai Security
    Join Sonrai Security CTO & Co-Founder Sandy Bird as he presents multiple IAM configuration options available on AWS, Azure, & GCP that can deliver strong application security or a breach nightmare

    Organizations of all sizes are harnessing the operational and cost benefits of public cloud. Unfortunately, cloud platforms like AWS, Azure, and GCP provide a wide range of identity and access management (IAM) based configuration options, that can be disastrous if not properly architected. During this webinar, you will learn the benefits and risk trade-offs of multiple public cloud IAM configuration options including:

    -Organization/Account-wide privilege
    -Privilege delegation & escalation (by user or role)
    -Service-based & in-line privilege
    -Understanding of IAM policy best practices and conflict resolution

    Enterprises building in public cloud must ensure their security programs tightly control trust relationships that can be configured from IAM options to ensure adherence to the principles of least privilege and the segregation of duties. Public cloud IAM capabilities can be highly effective to build secure applications when done well. However, they can lead to a disastrous breach when poorly configured.
  • Preventing Data Loss in Public Clouds Recorded: Aug 27 2019 49 mins
    Sandy Bird, CTO and Co-founder, Sonrai Security
    The Capital One loss of credit card applications for 106 million people is a sobering reminder that complexity stifles even the most sophisticated cloud teams. However, this will not deter the unstoppable growth of public cloud. We firmly believe that public cloud will be more secure than enterprise data centers. But only by using a unique approach.

    During this webinar you will learn :

    -The anatomy of the Capital One breach
    -How to minimize privilege and access
    -How to minimize access paths
    -The importance of baseline trust
    -How to continuously monitor (beyond S3)
    -Why configuration checks are not good enough
  • 10 Foundational "Public Cloud Security Principles" for Securing Data Recorded: Aug 9 2019 34 mins
    Sandy Bird, CTO & Co-Founder
    As Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP) have exploded, the complexity of securing your data in public clouds has also exploded. While networking controls remain essential, these controls are insufficient in the new world of public cloud. Working with customers, Sonrai Security has developed the “Public Cloud Security Principles” to help guide your path for public cloud security.

    During this webinar you will learn:

    - An overview of the Sonrai Security “Public Cloud Security Principles”
    - An overview of why key principles around cloud identity and data access trust relationships should be monitored and managed at very granular levels to reduce potential breach blast radius
    - Considerations around the automation of 3 manifesto principles to reduce risk of breach of data resident in the public cloud
    - How Sonrai Security is helping companies automate critical cloud security control policies to address key public cloud security principles.
Live monthly webcasts on Public Cloud and security
Identity and Data Protection for AWS, Azure, and Google Cloud

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Privilege Escalation Attacks in AWS: How They Work, How To Stop Them
  • Live at: Jan 28 2020 7:30 pm
  • Presented by: Sandy Bird, CTO and Co-founder, Sonrai Security & Dan Woods, Principal Analyst, Early Adopter Research
  • From:
Your email has been sent.
or close