fwd:cloudsec

Speakers


Blowing stuff up at scale with pitch perfect attack simulations


Challenges with Deleting AWS Accounts at scale


Building Blocks for Zero-Trust Internal App Defense


Using ATT&CK® for Containers to Level Up your Cloud Defenses


Has Anyone Seen the Principal


Least-Privilege Kubernetes Authorization with OPA


Standardizing Terraform Linting: How Square proactively detects and prevents cloud misconfiguration


Audit metrics as drivers for zero trust and cloud automation


Permission Mining in GCP


Crushing Cloud Misconfiguration MTTR Through Open Source


Securing Container Image Supply Chains with tools such as Goss and OpenSCAP


Supercharging Alerts using Dassana: A normalization, contextualization, and prioritization tool.


Operationalizing AWS Guard Duty: A Risk Based Story


CloudTrail Logging Internals - A Methodology For Investigating AWS Security Incidents


Mapping the AWS IAM universe


Security Guardrails at Scale in Azure


Bridge Your Service Mesh and AWS


Managing vendor access in AWS is nearly impossible


The Enterprise Cloud Journey: Lessons learned taking organizations to cloud


An Introduction to Azure Offensive Security


AWS Config Rules & Remediation - Rock'em Sock'em Robots


Why aren’t you using VPC Service Controls yet?


Automating security assessments using Cloud Katana


Access Undenied - Automatically discovering the reasons for Access Denied messages in AWS IAM


Kubernetes Security: PSP deprecation is an opportunity for a new security model


Automating AWS Privilege Escalation Risk Detection With Principal Mapper


KISS towards ZTA and service mesh - defense in depth with layers of envoy for authentication and an authorization sidecar


SELECT * for the Cloud: Simplify Cloud Security and Compliance with Cloudquery


An Attacker's Approach to Pentesting IBM Cloud


OH CR&P! I think we've been breached