Speakers:
Samira Eisaloo, Security Research, Advanced Threat Analytics, eSentire
Tim Steinbach, Manager, Advanced Threat Analytics, eSentire
Abstract:
With the complexities present in modern cloud environments, it can be a daunting task to keep track of permissions and policies. Users and service accounts often have more access than is strictly necessary, opening the doors for adversaries. Enumeration attacks are a common way for adversaries to expand their reach within a victim’s cloud environment. Once a set of credentials has been compromised or authentication tokens intercepted, the attacker will aim to discover resources they have gained access to. In order to achieve this, cloud services and accounts will be enumerated. Successful access will be further explored until a vulnerable system is found or data can be extracted.
Ещё видео!