Mapping Motives: Analysis of 2,000 Enterprise Cloud Detections - Strengthening Multi-Cloud SOC

Explore an in-depth analysis of over 2,000 live cloud-based detections across hundreds of IaaS customers in this informative conference talk. Discover common themes and defensive patterns in enterprise cloud controls, as well as identify potential weak points. Learn how the MITRE ATT&CK Cloud framework was applied as a machine learning corpus to illustrate attacker stories and necessary detections for cloud impact. Gain insights into a novel approach that maps verb and noun relationships of cloud infrastructure and workspaces to attacker motives, creating actionable control stories applicable to any SIEM or big data solution. Join this practical journey to strengthen multi-cloud Security Operations Centers (SOCs) with valuable lessons and actionable insights from a cloud detections engineering team.