ISSA Sacramento Chapter Meeting - Friday 2/19/2021, 11:30am

ISSA Sacramento Valley Chapter Meeting

Due to the continuing pandemic, our meeting will be held via Zoom. During the week of the meeting, Zoom meeting info will be sent to everyone who has registered. So, please register below.

Speaker: Mike Raggo, Cloud Security Engineer, CloudKnox Security

Talk Title: Cloud Infrastructure Cyber Kill Chain - Threats & Countermeasures (slides found here)

Talk Description: Attackers are maturing their TTPs to now exploit over-permissioned identities within AWS, Azure, and GCP, resulting in very prominent breaches. In this session we’ll define a new Cloud Infrastructure Cyber Kill Chain and explore these TTPs to expose unique methods of lateral movement, privilege escalation, role-chaining, and more. Real-world examples and best-practice countermeasures will also be covered.

Additional References:

Case study of exposing your AWS keys on GitHub:
https://nagguru.medium.com/exposing-your-aws-access-keys-on-github-can-b...

The Egregious 11: Examining the Top Cloud Computing Threats:
https://www.cyberark.com/resources/blog/the-egregious-11-examining-the-t...

Protect your API keys in GitHub. Use AWS's tool to scan your GitHub merges/commits/etc. using regular expressions to detect secrets and reject any that contain a match.
https://github.com/awslabs/git-secrets

AWS security helpful blog archives:
https://summitroute.com

Speaker Bio: Michael T. Raggo has over 20 years of security research experience. Over the years he has uncovered numerous vulnerabilities in products including Samsung, Check Point, and Netgear. His current research focuses on hybrid cloud security risks and threats. Michael is the author of “Mobile Data Loss: Threats & Countermeasures” and “Data Hiding” for Syngress Books, and contributing author for “Information Security the Complete Reference 2nd Edition”. His Data Hiding book is also included at the NSA’s National Cryptologic Museum at Ft. Meade. A former security trainer, Michael has briefed international defense agencies including the FBI, Pentagon, and Queensland Police, and is a former participating member of FSISAC/BITS and the PCI Council. He is also a frequent presenter at security conferences, including Black Hat, DEF CON, Gartner, RSA, DoD Cyber Crime, OWASP, HackCon Norway, and SANS. He was also awarded the Pentagon’s Certificate of Appreciation.

Dates: 
Friday, February 19, 2021 - 11:30am to 1:00pm