Cloud Impact on Enterprise Security - Hack the Cloud, Hack the Company

Explore methods of penetration testing that leverage cloud services as entry points for significant system compromises in this 56-minute conference talk from OWASP Foundation. Learn how organizations using cloud infrastructure for product environments or outsourced IT can become vulnerable to attacks that exploit these services. Discover real-world examples from recent penetration tests conducted by iSEC Partners, illustrating how cloud-based attack surfaces can make it easier for attackers to access critical systems and data. Gain insights into true-to-life attack and penetration activities used by real attackers in headline-making breaches, as well as those that go unreported. Presented by Kevin Dunn, Technical VP at NCC Group, this talk draws on over 14 years of professional security consulting experience to provide valuable knowledge for enterprise security in the cloud era.