IaaS clouds transformed datacenter security architecture by enabling programmatic detection of flaws, making the cloud more transparently secure than any legacy architecture. But security practitioners who assume congruence to legacy designs miss where attack surface and visibility has changed. With concrete examples, this talk will explore the practical risks posed by misunderstanding VPC DNS and more.
Learning Objectives:
1: Understand exfil. risks in cloud hosting services due to DNS and VPC endpoints.
2: Understand what mitigations are not available when moving from legacy to cloud.
3: Understand mitigations available for server and serverless (container) designs.
Speaker: Alexi Papaleonardos
Alexi Papaleonardos is a Principal Consultant at CrowdStrike. Prior to joining CrowdStrike, Papaleonardos was a Senior Security Engineer at Netflix and led the security operations team at Sony Network Entertainment, where he was also the Cloud Security Architect for the PlayStation Network. Earlier in his career, he held Defender roles for commercial and federal customers. His work in infosec began as a student at the Ohio State University where he was an incident responder.
Detailed Presentation:
Comments