Overview
Explore a comprehensive analysis of eight real-world cloud identity breaches in this informative conference talk. Delve into the intricacies of mismanaged permissions, secrets, and identities that have been exploited in recent cloud security incidents. Examine unique insights, fascinating aspects, and practical advice for mitigating similar risks in each scenario. Discover key themes, including the unclear ownership of identity posture between development, operations, and security teams, and the challenges of managing authentication for automation technologies, serverless functions, and cloud-native activities. Learn about the persistent effectiveness of social engineering in bypassing multi-factor authentication and the significant attack surface presented by SaaS applications. Gain valuable takeaways beyond simple security measures, with each scenario highlighting a specific interesting aspect and providing actionable insights to enhance your cloud security posture.
Syllabus
IAM Confused: Decoding 8 Real World Cloud Identity Breaches - Maya Levine, Sysdig
Taught by
CNCF [Cloud Native Computing Foundation]