Hands-On Workshop: Cloud VM Deployment...
Securing a cloud environment can be challenging and time consuming, especially if you don't know where to start. This Workshop will scrutinize a common cloud service: Virtual Machines, and focus on the secure implementation of that service. We'll discuss Operating Systems (and why it matters from a cloud perspective), as well as security groups, remote access, system and network hardening as well as how mature organizations handle deployments....
San Francisco 2023: Keynote - The Cloud...
The increasing reliance on cloud computing has driven the need for efficient and secure IT environments, necessitating the development of robust engineering skills across various domains. This keynote speech will explore the world of cloud investigations, focusing on the critical intersection of data engineering, infrastructure as code (IaC), and Continuous Integration/Continuous Deployment (CI/CD) pipelines. Attendees will learn about the lat...
The Rise of Terraform in Cloud Security
The Rise of Public Cloud Providers such as Amazon Web Services (AWS), Google Cloud (GCP), and Microsoft's Azure which serves the computing needs for small, medium and large businesses all over the world and there is no sign of any slowing the move to the “cloud”. These same Public Cloud providers have had at the same time become more complicated each day as we are creating more complex security holes with new cloud services, offeri...
2023 Architecting a Cloud Security Guar...
Security teams need to build consistent, reusable design patterns for cloud security controls that can be automated and maintained readily over time. Within cloud infrastructure, many controls can be provisioned and enabled ahead of time and operate autonomously in any deployment scenario. Commonly termed “guardrails,” these controls ensure that security capabilities are always enabled and operate within the context of deployments...
Hands-On Workshop: Building Better Dete...
This is a 2 hour hands-on workshop. As with any enterprise environment, we can (and should) focus on hardening our defenses to keep the adversaries out, but these defenses may some day be evaded via a variety of methods. Cloud is no different. In this workshop, which is a follow-on from the talk “Building Better Cloud Detections... By Hacking? (Azure Edition)“, we will work through the process of creating a detection that we can us...
SANS Security West 2023
Learn real-world cyber security skills from top industry experts during SANS Security West 2023 (May 15-20). Join us In-Person in San Diego, CA or Live Online to experience interactive training with hands-on labs, practice your skills during NetWars Tournaments, and network with your peers in real-time. Choose your course and register now! SANS Security West 2023 Features: Hands-on labs in a virtual environment Courses include electronic and p...
Building Better Cloud Detections…By Hac...
As with any enterprise environment, we can (and should) focus on hardening our defenses to keep the adversaries out, but these defenses may some day be evaded via a variety of methods. Cloud is no different. We will discuss the process of creating a detection that we can use as defenders to spot an adversary performing attack techniques against our Azure environments. The overall process and takeaways will be: Establish proper logging to detec...
The Myth of Cloud Agnosticism: Why Secu...
The movement towards multi-cloud has been growing momentum with no end in sight. Over 50% of the respondents to the SANS 2022 Multi-cloud Survey not only use all of the Big 3 Cloud Providers (AWS, Azure, and Google Cloud), but they also use all of the next three most popular CSPs (Alibaba Cloud, Oracle Cloud, and IBM Cloud). Organizations look to so-called “cloud-agnostic” technologies to manage this complexity. One such technology...
Hands-On Workshop: Building Detection in AWS
This is a 2 hour hands-on workshop. As with any enterprise environment, we can (and should) focus on hardening our defenses to keep the adversaries out, but these defenses may some day be evaded via a variety of methods. Cloud is no different. In this workshop, which is a follow-on from the talk “Building Better Cloud Detections... By Hacking? (AWS Edition)“, we will work through the process of creating a detection that we can use...
Securing Your Cached Assets
Content delivery networks provide a valuable service and make the Internet a better place. Without them, streaming services would overwhelm entire networks. Mobile and single-paged web applications would take forever to load. But, what about sensitive data? Do we have to avoid caching sensitive data at all costs or are there ways we can secure it? Join me to learn more about origin protection and signature enforcement with custom policy in Ama...
You must be logged in to view details.
Membership is Free!
Please enter your email and password:
Please sign in with your email and password:
LinkedIn is experiencing technical difficulties. Please log in via email and password. If you do not remember your password, please click "Forgot Password" to reset.