Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

NDC Conferences

Emerging Threats Against Cloud Application Identities and What You Should Do About It

NDC Conferences via YouTube

Overview

Explore emerging threats against cloud application identities and learn effective defense strategies in this comprehensive conference talk. Discover how to detect, recover from, and protect against attacks on application identities, including compromised administrators, credentials-in-code, and malicious applications masquerading as legitimate ones. Gain insights into the similarities and differences between defending user accounts and application identities. Understand why adversaries are shifting their focus to application identities as user account security improves. Learn about risky behaviors associated with application identities and how to implement robust protection measures. Delve into topics such as the principle of least privilege, service-to-service interactions, nonhuman identities, and recent cyberattacks like Solargate and consent phishing. Explore practical strategies for containment, remediation, and proactive security measures. Conclude with a demonstration on managing permissions effectively to enhance your cloud application security posture.

Syllabus

Introduction
About Sarah Young
What is an application identity
Principle of least privilege
Service to service
Nonhuman identity
Statistics
Solargate
Consent phishing
GitHub keys
Main threats
Phishing emails
Leaked credentials
Sign in logs
Audit logs
Leaked creds
What to do
Containment
Remediation
Proactive use
Summary
Permissions
Demo

Taught by

NDC Conferences

Reviews

Start your review of Emerging Threats Against Cloud Application Identities and What You Should Do About It

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.