Security Industry Call-to-Action - We Need a Cloud Vulnerability Database

Explore a compelling call-to-action for the security industry in this 47-minute Black Hat conference talk. Delve into the Wiz Research Team's discoveries of unprecedented cloud vulnerabilities in AWS, GCP, and Azure, examining key learnings from OMIGOD, ChaosDB, and AWS IAM cross-account vulnerabilities. Analyze the current CVE model's limitations for cloud environments and join the movement to create a more cloud-friendly vulnerability database. Gain insights into the cloud responsibility model, new cloud issues, and real-world examples of cloud vulnerabilities. Understand the importance of transparency, remediation, and regulatory rules in addressing cloud security challenges. Witness a demo of a proposed cloud vulnerability database and learn how to actively participate in improving cloud security practices. Leave empowered with knowledge on how to respond to cloud vulnerabilities and contribute to a safer cloud ecosystem.

Introduction
Outline
About Wiz
Action Required
Cloud Responsibility Model
Cloud Vulnerability Research
New Cloud Issues
AWS Vulnerability
AWS Service Changes
AWS Vulnerability Email
AWS Policies
Cloud Vulnerability Example
Cloud Middleware Example
Microsofts Response
The Turning Point
Summary
ChaosDB KSDB
Microsoft
Conclusion
Recap
Five Points
One Place
Cursed Database
Vulnerability Ranking System
Transparency
Remediation
Reg Rule
Demo
Cloud Vulnerability Database
Whats Next
Join Our Community
The Problem is Real
How to Respond
The Power is in Your Hand
Thank You
Vulnerability