Break the Top 10 Cloud Attack Killchains

Explore the top 10 cloud attack kill chains and learn effective strategies to disrupt them in this informative RSA Conference talk. Gain insights from industry experts as they break down each step of the kill chain, identify the most vulnerable points, and discuss common security defenses that work across multiple chains. Discover how to protect against credential exposure, account hijacking, server compromises, database vulnerabilities, and object storage risks. Delve into topics such as server-side request forgery, cryptomining, network attacks, and novel cloud data exposure techniques. Understand contributing factors and apply practical knowledge to enhance your cloud security posture. Suitable for those with basic technical knowledge of public cloud providers like AWS, Azure, and GCP.

Intro
Kill Chains and ATT&CK'S
Objectives
Common sources of credential exposure
Static API Credential Exposure to Account Hijack
Compromised Server via Exposed SSH/RDP/Remote Access
Compromised Database via Inadvertent Exposure
RSAConference2020
Object Storage Public Data Exposure (53, Azure Blob)
Oops, my bad...
Server Side Request Forgery - Credential Abuse
Demo
Cryptomining
Network Attack
Compromised Secrets (Instance/VM)
Novel Cloud Data Exposure and Exfiltration
Subdomain Takeover
Non-Killchain Related Issues
Contributing Factors
Apply