Cloud Infrastructure Cyber Kill Chain
Event submitted on Saturday, July 24th 2021, approved by Content Team ✓
This event has been tagged as follows:
[edit this info]
TTPs (Tactics, Techniques, and Procedures) are important concepts in cybersecurity and threat intelligence. The goal is to uncover behavioral patterns that may be utilized to protect against certain methods and threat vectors employed by hostile actors. In this session, the organizers will construct a new Cloud Infrastructure Cyber Kill Chain and investigate these TTPs to uncover novel techniques of lateral movement, privilege escalation, role-chaining, and more. Real-world examples and best practices countermeasures will be discussed as well. Fascinating stuff – especially if you work within the space.
Conference Event Summary
The following description was either submitted by the Conference Organizer on Saturday, July 24th 2021, or created by us.
Attackers are maturing their TTPs to now to exploit identities within AWS, Azure, and GCP; resulting in very prominent breaches. In this session, we’ll define a new Cloud Infrastructure Cyber Kill Chain and explore these TTPs to expose unique methods of lateral movement, privilege escalation, role-chaining, and more. Real-world examples and best practices countermeasures will also be covered.
Speaker: Mike Raggo, Cloud Security Engineer, CloudKnox Security
Michael T. Raggo has over 20 years of security research experience. Over the years he has uncovered numerous vulnerabilities in products including Samsung, Checkpoint, and Netgear. His current research focuses on hybrid cloud security risks and threats. Michael is the author of “Mobile Data Loss: Threats & Countermeasures” and “Data Hiding” for Syngress Books, and contributing author for “Information Security the Complete Reference 2nd Edition”. His Data Hiding book is also included at the NSA’s National Cryptologic Museum at Ft. Meade. A former security trainer, Michael has briefed international defense agencies including the FBI, Pentagon, and Queensland Police; and is a former participating member of FSISAC/BITS and the PCI Council. He is also a frequent presenter at security conferences, including Black Hat, DEF CON, Gartner, RSA, DoD Cyber Crime, OWASP, HackCon Norway, and SANS. He was also awarded the Pentagon’s Certificate of Appreciation.