Cloud environments exist everywhere. This in turn means that attackers are super motivated in finding ways to penetrate organizations’ cloud infrastructure. In this session, we will present findings from the CyberArk Labs team, demonstrate five attack techniques, and highlight fundamental considerations such as:
1. How attackers can steal cloud credentials from endpoints, code and cloud VMs
2. How intruders can compromise cloud users with only a few permissions, but still succeed to escalate their permissions and become full admins
3. How to target SSO and IAM solutions that many organizations use for integrating their on-prem network to the cloud