Building and deploying modern systems in a highly regulated cloud environment is challenging. In this session, we will explore the DoD Cloud Computing Security Requirements Guide (SRG), key FedRAMP Security Controls, and key lessons learned. Regulators impose requirements that are meant to be applied in a traditional on-premise environment, which requires unique design decisions in cloud-native environments. In this session, we will explore th...

Snyk recently released a report on the State of Cloud Native Application Security to define how cloud native adoption has transformed the way modern organizations manage security threats. After surveying over 600 respondents, the report found that high levels of deployment automation empower continuous security testing when building cloud native applications. “Nearly 70% of respondents with high levels of deployment automation were able...

This year's survey explored the explosion of both remote work and the use of cloud-based systems on critical SOC functions and team operations, as well as shifting budgets. This webcast explores the results of our 2021 SOC Survey, which included real-world commentary taken from in-depth interviews with respondents who shared specific information about how they operate, as well as what does (and does not) work for them.

Every year at major security conferences, you can tell the trends in security because seemingly every product and service is being positioned as look at how we make things easier/cheaper/better. A few years ago, that was cyber threat intelligence (CTI). Then, it inexplicably changed to threat hunting. But practitioners know that you cant really separate threat hunting and threat intelligence any more than you can separate logs from a SIEM. Jus...

As more organizations shift to using a wide variety of cloud services, the nature of many security controls weve relied on is changing, and in some cases vanishing. With the new threat surface cloud brings, theres a definitive need for new, more cloud-friendly security tools and services that can help align with SaaS, PaaS, and IaaS deployments across all business cases. The focus we need to look at is what comes next in Cloud Security. Cyber...

This year's report, "DFIR Cloud Report: Partly Cloudy with a bUnch of DFIR," sought answers to some enduring questions, including: Why is cloud so important? Who relies on it and what do they need to consider when selecting cloud repositories? Are there security concerns What about personal vs. business cloud accounts? On this webcast, sponsor representatives will join the author to offer their answers to those questions, as well as share thei...

Cloud data is something that is always trending when it comes to data storage, privacy and access. Why is cloud so important? Who relies on it and what do they need to consider when selecting cloud repositories? Are there security concerns? What about personal vs. business cloud accounts? This webcast explores our 2021 report, "DFIR Cloud Report: Partly Cloudy with a Bunch of DFIR," which examines all you need to know about cloud data and why...

The cloud vendors offer hundreds of cloud services your team may be using. How can you identify threats across these services without drowning in a sea of alerts? Visibility across all services is a first step, combined with a highly tuned detection engine. A small number of attack patterns are present in most breaches. For example, lateral movement is estimated to be present in 70% of cyberattacks. Cloud native intrusion detection provides a...

Countless companies have, and continue to, fall victim to Magecart-style attacks. With no end to these hacks in sight, Cloudflare has developed a solution to detect and combat such breaches. Our Script Monitor feature is the beginning of Cloudflare’s ambition for Page Shield. When utilized, it records your site’s JavaScript dependencies over time. As new JavaScript dependencies appear, we alert you and help identify if bad actors m...

Are you a security practitioner who has suddenly been thrown into the world of cloud security and are confused by everything that is expected of you? No need to worry. This talk will go over some of the critical elements that you need to understand as you start your cloud security journey. We will cover where to start, what to pay attention to, and how you can trace a path to expand your cloud knowledge. As a bonus, we will show you in the AWS...