What leads to a cloud security breach? Misconfigurations, exposed APIs, vulnerability exploitation, and more. Attacker motivations haven’t changed much, but their methods have adapted to new technologies. As a defender, you must adapt too. Learn about the differences between cloud vs on-premise threats and breaches. What has changed? Are certain attack types more prevalent, attractive, or easy to execute in the cloud? Why? What are the high-level cloud attack trends (and defenses) and how to cope? We will walk through 7 examples of real cloud breaches based on analysis from the Sysdig Threat Research Team. Each breach discussed involves cloud infrastructure. We focus on the attack patterns, response patterns, and other interesting elements that give insight into how to better protect and respond to incidents in cloud environments. You won’t hear general, “lock your stuff down” guidance; each scenario will have a specific takeaway so you can avoid a similar pitfall. After this talk the audience will have an in-depth understanding of common cloud breaches currently running in the wild, lessons learned, and a full list of actions to avoid ending up in the news.