Emerging Threats Against Cloud Application Identities and What You Should Do About It

Explore emerging threats against cloud application identities and learn effective defense strategies in this comprehensive conference talk. Discover how to detect, recover from, and protect against attacks on application identities, including compromised administrators, credentials-in-code, and malicious applications masquerading as legitimate ones. Gain insights into the similarities and differences between defending user accounts and application identities. Understand why adversaries are shifting their focus to application identities as user account security improves. Learn about risky behaviors associated with application identities and how to implement robust protection measures. Delve into topics such as the principle of least privilege, service-to-service interactions, nonhuman identities, and recent cyberattacks like Solargate and consent phishing. Explore practical strategies for containment, remediation, and proactive security measures. Conclude with a demonstration on managing permissions effectively to enhance your cloud application security posture.

Introduction
About Sarah Young
What is an application identity
Principle of least privilege
Service to service
Nonhuman identity
Statistics
Solargate
Consent phishing
GitHub keys
Main threats
Phishing emails
Leaked credentials
Sign in logs
Audit logs
Leaked creds
What to do
Containment
Remediation
Proactive use
Summary
Permissions
Demo