Securing Non-Human Identities Part 2: AWS and Privilege Escalation

Presented by

Sandy Bird, CTO, Sonrai Security & Eric Kedrosky, Director of Cloud Security Research, Sonrai Security

About this talk

Identities in a modern enterprise public cloud deployment are numerous and critical to securing your data. Non-human identities - like servers, VMs, serverless functions, applications, etc. - are being created at a rapid pace, sometimes by services without a person ever involved. AWS has given us tools to help govern access, but rapid innovation breeds complexity. Governance requires a new approach that meets this reality of ephemeral compute and complex webs of permission combinations. This is the second in a multi-part series on nonhuman identities. This session focuses on AWS but touches elements of multicloud management as well. We'll discuss: -Recap of what non-human identities are -Examples of AWS-specific risks -Best practices for managing them -Immediate steps anyone can take today to secure the identities
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (38)
Subscribers (6929)
Sonrai Security delivers an enterprise identity and data governance platform for AWS, Azure, Google Cloud, and Kubernetes.