How Hackers Compromise the Cloud Control Plane

Presented by

Josh Stella, Chief Architect, Snyk

About this talk

When the headline says “Cloud Breach Due to Misconfigured Server,” we’re only getting a small part of the story. Critical information on what really went down rarely becomes public knowledge. But in order to keep cloud data secure, it’s essential to understand how attackers are exploiting the cloud API control plane, and expand the blast radius well beyond the initial misconfigured resource in order to inflict real damage. In this session, Josh Stella, Chief Architect at Snyk, will walk through the ways control plane compromise attacks happen, and why you need to go beyond traditional cloud security posture management in order to spot the deeper design flaws in your environment that make these attacks possible. Attendees will gain an understanding of: -What the cloud control plane is and why attackers need access to it -How to identify control plane compromise risks in your environment -Why cloud security hinges with secure design, and where to start
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (26)
Subscribers (2874)
Snyk (pronounced sneak) is a developer security platform for securing custom code, open source dependencies, containers, and cloud infrastructure all from a single platform. Snyk’s developer security solutions enable modern applications to be built securely, empowering developers to own and build security for the whole application, from code & open source to containers & cloud infrastructure. Secure while you code in your IDE: find issues quickly using the scanner, fix issues easily with remediation advice, verify the updated code. Integrate your source code repositories to secure applications: integrate a repository to find issues, prioritize with context, fix & merge. Secure your containers as you build, throughout the SDLC: start fixing containers as soon as your write a Dockerfile, continuously monitor container images throughout their lifecycle, and prioritize with context. Secure build and deployment pipelines: Integrate natively with your CI/CD tool, configure your rules, find & fix issues in your application, and monitor your applications. Secure your apps quickly with Snyk’s vulnerability scanning and automated fixes - Try for Free!