Using Behavior to Protect Cloud Servers

Explore cloud server security challenges and innovative solutions in this 43-minute conference talk from BSidesSF 2016. Delve into the complexities of securing cloud servers in the face of widespread IaaS and PaaS adoption. Learn how behavior-based real-time analytics can create dynamic fingerprints of automated services and employees, enabling more effective security measures. Discover the limitations of rule-based access security and the potential risks of compromised SSH keys and tokens. Examine dynamic privilege management techniques for identifying and preventing insider threats and privilege escalation attacks in real-time. Gain insights into next-generation privilege management principles and their application in securing cloud assets. The talk covers topics such as user behavior analysis, directory services, compliance, profiling cloud servers and applications, classification methods, and actionable security measures. Acquire practical knowledge about SSH proxies, cloud app profiling, and essential tools for implementing robust cloud security strategies.

Introduction
Welcome
Agenda
Cloud Servers
User Behavior
Directory Services
Challenges Threats
Challenges
How do we protect ourselves
Profiling Cloud Servers
Compliance
Behavior
Example
Commands
Feature sets
Classification
Making it actionable
Keeping learning
Tools
SSH Proxy
Profile Cloud Apps
The Good
Pointers