IAM Confused: Analyzing 8 Identity Breach Incidents - Maya Levine, Sysdig

less than 1 minute read

Abstract

Almost every cloud breach in recent years has taken advantage of mismanaged permissions, secrets, and identities. This session will dissect 8 real cloud breaches where attackers exploited insecure identities, each scenario unveiling unique insights, intriguing facets, and advice to mitigate similar risks. Themes include: Ownership of identity posture b/w Dev, Ops, & Sec is often unclear, leading to mistakes that stem from going fast Automation tech, serverless functions, & cloud-native activities require authentication. Often this is poorly managed, e.g. leaving secrets/credentials exposed in S3 state files (Human/machine identity management) MFA abuse through social engineering still works well SaaS apps are huge attack surface, with credentials being left everywhere: repos, Github, AD, Slack We will specifically highlight something interesting in each scenario and provide a key takeaway that is more useful than “lock your stuff down.”

Sched URL

Video

Twitter Facebook LinkedIn

About

Conferences

IAM Confused: Analyzing 8 Identity Breach Incidents - Maya Levine, Sysdig

Abstract

Video

You May Also Enjoy

You Shall Not Pass! Unless You Are GUAC Verified…. - Parth Patel, Kusari & Dejan Bosanac, Red Hat

Living off the Land Techniques in Managed Kubernetes Clusters - Ronen Shustin & Shay Berkovich, Wiz

Leveraging OCI 1.1 for Enhanced SBOM Integration and Vulnerability Scanning in Harbor - Anais Urlichs, Aqua Security & Shengwen Yu, VMware

Lessons Learned from Generating 100M SBOMs: Google’s Approach to SBOM Compliance - Brandon Lum & Isaac Hepworth, Google