Lessons Learned from Cloud Security Incidents, Past and Present | Dave Shackleford

Channel:
United States SANS Institute
Subscribers:
64,099
Published on ● Video Link: https://www.youtube.com/watch?v=U3tO6WOwSF8


Duration: 43:16
1,118 views
29

Dave Shackleford @daveshackleford, Summit Co-Chair, SANS Institute
#SANSCloudSummit 2020

For the past ten years or so, we've seen incredible growth in the development and use of cloud technologies and services. Right alongside that, sadly, has been an increase in attacks and breaches related to cloud services, as well as a few outages of note. As we're all interested in building implementing security controls and processes to help defend our cloud infrastructure, it's never a bad idea to break down some of the things we've seen go wrong, hopefully learning from them to avoid the same mishaps and incidents in our own environments.

In this talk, Dave will dissect a chronological list of cloud incidents of note, with a brief post-mortem and alignment with the MITRE ATT&CK framework. Some of the incidents we've seen are relatively straightforward, and others are much more nuanced, but we can learn something from all of them. This presentation will also include ample references for attendees to take back for their own research, as well.

View upcoming Summits: http://www.sans.org/u/DuS



Other Videos By SANS Institute


2020-10-28Spooky RYUKy: The Return of UNC1878 | SANS STAR Webcast
2020-10-27Owning Your Narrative: Lessons from #SharetheMicinCyber | Camille Stewart
2020-10-22Raising the Tide: Driving Improvement in Security By Being a Good Human | David Bianco
2020-10-20You Are the Prize: How to Hire the Right Boss and Employer for a More Fulfilling Career | InfoSteph
2020-10-16Human Aspects of Ransomware
2020-10-14Using COVID-19 to Exploit Fear, Uncertainty, and Doubt (FUD)
2020-10-01PowerShell 2020: State of the Art / Hack / Infection - SANS@Mic Keynote Network Security
2020-09-29Threat Hunting in the Microsoft Cloud: Times They Are a-Changin' | John Stoner
2020-09-28Securing Cloud Deployments: A Red Team Perspective | Matt Burrough
2020-09-25The Value of Commercial Threat Intelligence Sources | STAR Webcast
2020-09-25Lessons Learned from Cloud Security Incidents, Past and Present | Dave Shackleford
2020-09-24Doing Cloud in China | Kenneth G. Hartman
2020-09-23SANS Live Online Testimonial Compilation
2020-09-23Put a Lid on Those AWS S3 Buckets | Lily Lee and Melisa Napoles
2020-09-22Building a Pipeline for Secure Virtual Machines in AWS | Shaun McCullough
2020-09-15What’s New in SEC401: Security Essentials Bootcamp Style
2020-09-14Intro to Web Applications: What the Heck is a Web App? - SANS Cyber Camp
2020-09-14Cyber Security Awareness for Online Safety - SANS Cyber Camp
2020-09-14Cyber Camp Panel - SANS Cyber Camp
2020-09-14Introduction to Network Analysis Workshop - SANS Cyber Camp
2020-09-14Be Smarter Than the Smartphone Workshop - SANS Cyber Camp


Tags:
sans institute
information security
cyber security
cybersecurity
information security training
cybersecurity training
cyber security training