Cloud Security Masterclass: Minimizing the Blast Radius of a Cloud Breach

Presented by

Josh Stella, Chief Architect of Snyk

About this talk

The Twitch breach may have begun with a lone server misconfiguration, but its blast radius reached everything from sensitive customer data to source code for yet-to-be-released applications. Today’s cloud attacks don’t exploit a single misconfiguration, but rather a series of them. In this Cloud Security Masterclass, Josh Stella will walk through a process for understanding the blast radius of a variety of potential security events in your environment, and steps you can take to prevent minor ones from becoming catastrophic breaches. You’ll walk away from this session with an understanding of how to: Evaluate your Identity and Access Management (IAM) resources for weaknesses that attackers can exploit Employ penetration testing methodologies to assess the blast radius of public-facing resource misconfigurations Harden your cloud security posture using policy as code to address complex, multi-resource “blast radius” risks

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (26)
Subscribers (2811)
Snyk (pronounced sneak) is a developer security platform for securing custom code, open source dependencies, containers, and cloud infrastructure all from a single platform. Snyk’s developer security solutions enable modern applications to be built securely, empowering developers to own and build security for the whole application, from code & open source to containers & cloud infrastructure. Secure while you code in your IDE: find issues quickly using the scanner, fix issues easily with remediation advice, verify the updated code. Integrate your source code repositories to secure applications: integrate a repository to find issues, prioritize with context, fix & merge. Secure your containers as you build, throughout the SDLC: start fixing containers as soon as your write a Dockerfile, continuously monitor container images throughout their lifecycle, and prioritize with context. Secure build and deployment pipelines: Integrate natively with your CI/CD tool, configure your rules, find & fix issues in your application, and monitor your applications. Secure your apps quickly with Snyk’s vulnerability scanning and automated fixes - Try for Free!