A Golden Ticket to the Cloud

Explore cloud security challenges and advanced attack techniques in this 30-minute conference talk from OSDFCon 2021. Delve into the post-pandemic surge in cloud migration and associated security breaches, focusing on the Golden SAML attack that bypasses Federation Services. Learn how to detect unauthorized logins by correlating authentication logs between federation and cloud environments. Discover open-source tools for understanding and securing cloud infrastructures, and gain insights from a case study demonstrating high-fidelity detection approaches against adversaries. Benefit from the expertise of seasoned cybersecurity professionals Nader Zaveri and Omar Toor as they share strategies for incident response, remediation, and improving organizational security posture in both cloud and on-premises environments.

Intro
Presentation Overview
Cloud Threats
Common Attack Methods
The Golden SAMU Attack
AWS
AWS API Calls
Authentication Attempts