Cloud Security Orienteering - Rami McCarthy (DEF CON 29 - Cloud Village)

Описание: Speaker: Rami McCarthy is a Staff Security Engineer at Cedar (a healthtech unicorn), and a recovering Security Consultant. He spent 3 years at NCC Group where he executed dozens of security assessments and sat on the Cloud Security working group. He was a core contributor to ScoutSuite - a multi-cloud auditing tool (and SaaS offering), and released sadcloud - a tool for Terraforming insecure AWS environments. Rami holds the CCSK, the AWS Certified Security – Specialty, and is completing an MS in information security leadership.

Twitter:   / ramimacisabird  

Abstract: Most of us are not lucky enough to have architected the perfect cloud environment, according to this month's best practices, and without any legacy elements or ""surprise"" assets. Over the course of a career in cloud security, you'll likely find yourself walking into a new environment and needing to rapidly orient yourself to both mitigate the biggest risks and also develop a roadmap towards a sustainable, secure future. As a security consultant, I had the challenge and opportunity to enter blind into a variety of cloud environments. They were across Azure, GCP, and AWS, some well-architected and others organically sprawling, containing a single account/project and hundreds. This gave me a rapid education in how to find the information necessary to familiarize myself with the environment, dig in to identify the risks that matter, and put together remediation plans that address short, medium, and long term goals. This talk will present a cloud and environment agnostic methodology for getting your bearings if tasked with securing a novel cloud environment. We'll learn by applying this to a sample AWS environment in order to cover:
An archeological guide for where and how to find organizational context
How to quickly find and kill the most common attack vectors at the perimeter (both network and identity)
Common architectural and deployment patterns, how to spot them, and their security implications
What you need to know, what you need to prioritize, and what best practices" aren't worth the squeeze when you're in a crunch.


--

Cloud village is an open space to meet folks interested in offensive and defensive aspects of cloud security. The village is home to various activities like talks, workshops, CTFs and discussions targeted around cloud services.

If you are a professional who is looking to gain knowledge on securely maintaining the cloud stack and loves to be around like-minded security folks who share the similar zeal towards the community, Cloud Village is the perfect place for you.

Website: https://cloud-village.org/
Twitter:   / cloudvillage_dc