YoVDO

Break the Top 10 Cloud Attack Killchains

Offered By: RSA Conference via YouTube

Tags

RSA Conference Courses Cloud Security Courses Data Exfiltration Courses

Course Description

Overview

Explore the top 10 cloud attack kill chains and learn effective strategies to disrupt them in this informative RSA Conference talk. Gain insights from industry experts as they break down each step of the kill chain, identify the most vulnerable points, and discuss common security defenses that work across multiple chains. Discover how to protect against credential exposure, account hijacking, server compromises, database vulnerabilities, and object storage risks. Delve into topics such as server-side request forgery, cryptomining, network attacks, and novel cloud data exposure techniques. Understand contributing factors and apply practical knowledge to enhance your cloud security posture. Suitable for those with basic technical knowledge of public cloud providers like AWS, Azure, and GCP.

Syllabus

Intro
Kill Chains and ATT&CK'S
Objectives
Common sources of credential exposure
Static API Credential Exposure to Account Hijack
Compromised Server via Exposed SSH/RDP/Remote Access
Compromised Database via Inadvertent Exposure
RSAConference2020
Object Storage Public Data Exposure (53, Azure Blob)
Oops, my bad...
Server Side Request Forgery - Credential Abuse
Demo
Cryptomining
Network Attack
Compromised Secrets (Instance/VM)
Novel Cloud Data Exposure and Exfiltration
Subdomain Takeover
Non-Killchain Related Issues
Contributing Factors
Apply


Taught by

RSA Conference

Related Courses

Python 3 For Offensive PenTest: A Complete Practical Course
Udemy
Python for Command-and-control, Exfiltration and Impact
Infosec via Coursera
Network Analysis with Arkime
Pluralsight
Cisco Core Security: Secure Network Access, Visibility, and Enforcement
Pluralsight
Post Exploitation with Meterpreter
Pluralsight