Name: Threat Detection in AWS: Cloud security secrets from my time at AWS
Start: 2022-11-18T18:00:00Z
End: 2022-11-18T18:00:29.000Z
Location: BrightTALK
Rating: 5

CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org.  Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa

CNAPPs have brought unprecedented visibility into cloud identity and permissions risks, but visibility alone doesn't solve the problem. Thousands of findings (like unused identities, over-permissioned accounts, and lateral movement risks) have been prioritized, but we’re still asking devs to fix these one by one in a process that never brings meaningful risk reduction. Cloud teams are inundated, struggling to remediate these issues while keeping productivity high.

Join us for an insightful webinar where we discuss how to centralize policy control and bulk remediation that will burn down the CNAPP alert queue. We’ll explore:

• Why identity and permission issues pile up despite CNAPP’s insights
• How to cut through the complexity of manual remediation with bulk actions
• Centralizing and giving control back to the cloud team while still ‘shifting left’

Discover practical approaches to operationalize CNAPP findings, enable bulk fixes, and implement least-privilege practices without compromising productivity. 

If you’re ready to transform CNAPP visibility into real risk reduction, this webinar is for you.

Tackling AWS Identity Risks at Scale—Beyond CNAPP Visibility

Balancing rapid software releases with stringent compliance requirements is a challenge that many organizations face. Compliance and DevOps teams often have competing priorities, leading to bottlenecks, delays, and frustration. But it doesn’t have to be this way.

Join Drata and AWS for an engaging session where GRC and DevOps leaders will discuss their goals and challenges and how starting compliance left has led to faster releases and easier audits. Learn about their best practices on the processes and technologies that help them work together to navigate the complex web of industry regulations and audit requirements.

Topics covered: 
• Best practices for collaboration between DevSecOps and Compliance teams 
• How to create workflows for maintaining checks and balances to help your teams thrive
• How to build a culture of security and compliance across your organization 
• Tools and solutions that enable smoother collaboration and faster time to market while staying audit-ready

If you’ve ever felt the friction between compliance, security, and development, this webinar is for you. Join us to learn how to turn “Compliance vs. DevOps” into “Compliance and DevOps”—better together.

From Roadblocks to Releases: Bridging the GRC and DevOps Gap

Join us for a candid conversation with Mario Duarte, former CISO at Snowflake and now the CISO of Aembit. Mario is now focused on one of cybersecurity’s toughest and most overlooked challenges: securing non-human identities (NHIs) across applications, services, and workloads.In this live discussion, we’ll go behind the curtain and talk about the real issues security teams are facing when it comes to managing access between workloads and sensitive resources. Mario will break down why relying on static credentials is a ticking time bomb and share practical, real-world NHI security solutions for complex and distributed enterprise environments.

What we’ll cover:
• Why static credentials and secrets management vaults are no longer enough.
• How to ensure your workloads authenticate securely to the right resources.
• What parallels can be drawn between human IAM (think username/password) and non-human IAM.
• How to confidently embrace innovative solutions from emerging companies without compromising security.

This is your chance to hear directly from a veteran CISO with a passion for identity management and experience on the frontlines of enterprise security.

A CISO’s Perspective on Securing Non-Human Identities

As with any piece of enterprise software, choosing and buying a PAM solution is a fraction of the battle. Many installations fail or never get rolled out fully due to deployment complications and competing priorities. In this webinar, we will discuss common pitfalls, where implementations typically fail, and what you can do to make sure you are fully prepared to deploy and roll out PAM successfully in your organization.

Join this session to:
• Understand why many PAM rollouts fail
• Explore best practices around deployment
• Put a plan for success together
• Learn about new methodologies that can facilitate success

Unlocking Success: Navigating the Pitfalls of Privileged Access Management Deployment

Cloud Native applications and Services are the workhorses of modern cloud environments. They hold most of the organization's crown jewels and are therefore often the target for insider and outsider threats. Existing cloud security posture management and hardening solutions (CSPM) as well as real time detection and response solution (EDR) operate in Silo mode and are therefore failing to provide systematic security across the lifecycle of Cloud Native assets.

Cloud Security Reimagined: Bridging the Cloud – DevSecOps - Application Security Gap

Vanta’s 2024 State of Trust Report found that cybersecurity risk is the biggest concern for business leaders, higher than both financial and operational risk. With more reliance on third-party vendors and increased use of AI technologies, security leaders face a more complex threat landscape while also managing resource constraints.

Successfully navigating these challenges requires CISOs to go beyond industry standards to address risk, deliver business impact, and build a community of trust. 

In this webinar, we will share key findings from Vanta’s survey of 2,500 IT and business leaders and discuss strategies for building, demonstrating, and strengthening trust across your ecosystem.

The State of Trust: How CISOs Can Go Beyond Industry Standards to Manage Risk

As AI continues to revolutionize industries, the demand for real-time insights and faster decision-making is at an all-time high. However, alongside this growth comes a significant challenge: securing sensitive data during AI model training and inference.

In this webinar, we will explore how Confidential Computing is transforming AI security, using real-world insights from the U.S. Navy’s use case securing LLM workloads. In a groundbreaking POC, the U.S. Navy leveraged Confidential Computing to run secure AI operations on NVIDIA H100 Tensor Core GPUs, ensuring full data privacy without sacrificing performance.

You'll gain a technical understanding of Confidential Computing on GPUs and how the Anjuna Seaglass platform integrates to secure AI workloads at scale. Learn how enterprises and government organizations can unlock secure, AI-driven insights—achieving measurable business value in as little as one hour.

Whether you’re in public sector, finance, healthcare, or any other sector leveraging AI, this session will show you how to secure your most critical data while maintaining the performance and flexibility your business demands.

AI at Its Best: US Navy Explores LLM Trust and Performance with NVIDIA & Anjuna

In this presentation we explore the Interoperability and Portability (IPY) domain of the Cloud Control Matrix (CCM), which comprises four control specifications aimed at ensuring secure and seamless data exchange across multiple platforms and Cloud Service Providers (CSPs). These controls help Cloud Service Customers (CSCs) avoid vendor lock-in and foster an environment where interoperability and portability are not limited by security concerns.

In the Shared Security Responsibility Model (SSRM), both CSPs and CSCs independently share responsibility for ensuring interoperability and portability in the cloud ecosystem. CSPs are typically responsible for implementing standardized communication protocols, maintaining cross-platform compatibility, and ensuring secure data exchange. CSCs, on the other hand, must leverage these tools for secure data backup, transfer, and restoration, as well as manage the integration of cloud environments. Both parties are responsible for documenting data portability obligations, such as defining data ownership and migration procedures.

This presentation will help you understand how effective interoperability and portability controls contribute to a secure, flexible, and vendor-neutral cloud ecosystem.

Interoperability and Portability

What are the must-know secrets to multicloud security? Refactoring applications and AI-driven development reshape cloud security, presenting new challenges to organizations. Security experts must figure out how to be the defenders of their cloud without hindering the teams who build and deploy applications in the cloud.

Join Jason Williams, senior product marketing manager at Palo Alto Networks, for a webinar that explores the six key requirements for securing multicloud environments.

In this webinar, you'll gain insights into:
• Achieving unparalleled multicloud visibility that actually helps you understand your clouds and detect threats swiftly.
• Prioritizing and neutralizing risks effectively to maintain a strong security posture amidst evolving threats.
• Implementing advanced security measures to safeguard sensitive information across all cloud environments.

Equip yourself with the knowledge to enhance your multicloud security strategy. Register now to secure your spot and stay ahead in the ever-evolving world of cloud security.

6 Key Requirements to Multicloud Security

Small and medium-sized businesses understand the need for SOC 2 to show proof that they are protecting those they do business with, growing their business safely, and closing deals. But where do you get started? 

Join Drata and AWS for a technical deep-dive into achieving and maintaining compliance with your AWS infrastructure. You will learn how to leverage automation to increase efficiency and reduce human error and build a SOC 2 roadmap that helps you achieve compliance today while keeping infrastructure and code compliant year-round. 

Topics covered: 
• Key areas to focus on when approaching SOC 2 on AWS infrastructure
• How to leverage automation and AI to increase efficiency and shift left on your compliance program
• What to expect before, during, and after the audit
• How to stay proactive with your compliance program

* Attendees are eligible for a free compliance assessment. *

Smart SOC 2: Automating Compliance with Drata and AWS

In this presentation we explore Universal Endpoint Management (UEM) domain of the Cloud Controls Matrix, which includes fourteen control specifications focused on mitigating risks associated with endpoints, including mobile devices. The primary concerns in endpoint security relate to user behavior and awareness regarding acceptable use policies for devices, whether they are managed, unmanaged, enterprise-owned, or personal.

Under the Shared Security Responsibility Model (SSRM), both Cloud Service Providers (CSPs) and Cloud Service Customers (CSCs) have independent yet complementary roles in implementing UEM controls. CSPs are responsible for managing endpoint capabilities, including maintaining inventories, approving acceptable services and applications, and implementing security measures like automatic lock screens, firewalls, anti-malware, and data loss prevention technologies. CSCs, in turn, must securely manage their own devices, ensure compliance with CSP security policies, and protect their data.

Universal Endpoint Management

In this presentation we introduce the Security Incident Management, E-Discovery, and Cloud Forensics (SEF) domain, which comprises eight control specifications critical for managing and responding to security incidents, conducting e-discovery, and performing forensics in the cloud. These controls enable both Cloud Service Providers (CSPs) and Cloud Service Customers (CSCs) to detect, analyze, and respond to security incidents in a timely manner, minimizing disruption to business operations.

Under the Shared Security Responsibility Model (SSRM), both CSPs and CSCs are responsible for developing incident response plans, defining roles and responsibilities, implementing incident metrics, reporting to stakeholders, and escalating procedures to efficiently manage security incidents. Collaboration is key, with CSPs offering insights into infrastructure-level causes of incidents, while CSCs provide data, application, and user-specific context for thorough investigation and resolution.

Security Incident Management, E-Discovery, and Cloud Forensics

In this presentation we introduce the Audit and Assurance (A&A) domain within the Cloud Control Matrix (CCM). The A&A domain, consisting of six control specifications, plays a pivotal role in guiding both Cloud Service Providers (CSPs) and Cloud Service Customers (CSCs) to build the confidence required for critical decision-making, communication, and reporting. This domain focuses on key processes, including those embedded in the CCM, and ensures they are evaluated through rigorous assessment, verification, and validation activities.
Designed to support the audit management processes of both CSPs and CSCs, the A&A domain facilitates audit planning, risk analysis, security control assessments, and remediation. It further enables effective reporting and evaluation of attestations and supporting evidence, ensuring transparent and reliable oversight.
The Shared Security Responsibility Model (SSRM) clearly outlines the responsibilities of CSPs and CSCs in implementing the A&A controls within cloud environments. Each party is independently accountable for establishing comprehensive audit and assurance policies, conducting regular security assessments, and adhering to relevant standards and regulatory requirements. By aligning their A&A controls with the SSRM, both CSPs and CSCs can independently fulfill their assurance needs over the control processes defined by the CCM.

Audit and Assurance

In this presentation, we introduce the CCM's Application and Interface Security (AIS) domain. With seven control specifications, the AIS domain is focused on securing the software and interfaces used within cloud environments. It helps organizations identify and mitigate risks during the design and development phases of their cloud-based applications.

Effective implementation of cloud security controls in this domain is crucial for Cloud Service Providers (CSPs) to safeguard the integrity, confidentiality, and availability of their applications and interfaces. Ensuring a robust security posture at this level is critical to protecting the entire cloud landscape.

Following the Shared Security Responsibility Model (SSRM), the responsibility for securing cloud infrastructure is divided between CSPs and Cloud Service Customers (CSCs). CSPs must secure the foundational infrastructure by offering secure applications and APIs, adhering to secure coding practices, establishing application security baselines, and conducting automated security testing. They are also responsible for maintaining secure runtime environments. On the other hand, CSCs are tasked with securing their applications and interfaces, ensuring proper configuration, upgrading systems as needed, and integrating security measures into new versions of applications in line with best practices and the chosen cloud deployment model.

When both CSPs and CSCs align their efforts within the AIS domain, they help create a more secure cloud environment. This reduces the risk of application vulnerabilities and strengthens the confidentiality and integrity of data. Collaboration between the two parties fosters improved communication, enabling quicker responses to emerging threats and more efficient incident resolution.

Application and Interface Security

Did you know that for every human identity created  there are 92 Non-human Identities? As more and more NHIs & secrets are  being created by the R&D teams, the number and variety of NHIs per organization are exploding. This webinar will explore the importance of integrating Non-Human identity management into a modern application security program. 

• Key challenges organizations face when it comes to NHI's 
• Best Practices 
• The latest and greatest tools and techniques for discovering, managing, monitoring, and protecting NHIs & Secrets. 

Its time to reclaim control over our Non-Human identities!

It’s Time to Reclaim Control Over Your Non-Human Identities

In today’s fast-paced, multi-cloud world, Identity and Access Management (IAM) has become the cornerstone of enterprise security architecture. As traditional firewalls lose effectiveness, identity now serves as the ultimate control surface, ensuring that only trusted users—whether human or machine—can access the right systems, at the right time, and for the right reasons. But what makes a successful IAM strategy?

This webinar will introduce you to the new 7 A’s of Identity and Access Management, a comprehensive framework for managing identity across: Authentication, Access Control, Authorization, Administration, Attributes, Audit, and Availability. Each of these functions plays a crucial role in protecting your organization’s identity data, ensuring compliance, and boosting your overall security posture. By understanding and applying these concepts, you can lay the foundation for identity-first security in your organization and empower a more flexible, scalable, and secure approach to managing identities.

Join Eric Olden—co-author of the SAML standard, author of Identity Orchestration for Dummies, and CEO of Strata Identity—and host Mark Callahan, Chief Solution Storyteller, as they walk us through each of the 7 A’s, providing real-world examples of how enterprises are putting them to work in today’s complex cloud environments. This thought-leadership session will explore the challenges and opportunities facing organizations in the era of Zero Trust identity and provide actionable takeaways to help you build a resilient and secure IAM strategy.

Achieve Zero Trust Identity with the new 7 A’s of IAM

The skyrocketing adoption of AI has raised the stakes for cloud data protection.  The sheer volume of cloud data has made it difficult to discover and classify sensitive data, let alone prioritize the most critical risks to it.  

Join Tenable Cloud Security experts for an in-depth discussion on how to uncover, prioritize and take action on cloud data exposure with Tenable Cloud Security. 

Register for the session to learn how to: 
• Automate and tailor sensitive data discovery and classification across multi-cloud environments using integrated DSPM capabilities
• Use granular identity and access management insights to better prioritize data risk based on potential impact 
• Enforce least privilege access and AI configuration best practices to cloud AI data used in training and inference. 
• Maintain compliance with regulatory requirements and communicate data exposure risk

Know Your Exposure: Is Your Cloud Data Secure in the Age of AI?

In this presentation we focus on the Human Resources (HRS) security domain, which comprises thirteen control specifications designed to help cloud organizations manage risks associated with insider threats. These controls ensure that personnel handling sensitive data are trustworthy, properly trained, and equipped to maintain the security posture of the organization, reducing risks like unauthorized access and data breaches caused by human factors.

Under the Shared Security Responsibility Model (SSRM), both Cloud Service Providers (CSPs) and Cloud Service Customers (CSCs) independently implement HRS security controls. This includes conducting background checks, providing continuous security training, and ensuring employees are aware of cloud security risks and best practices.

By implementing HRS controls, cloud organizations can enhance the security of their services through the employment of well-trained, vetted staff, mitigating the risks of security incidents due to human error or malicious actions.

Human Resources - Security Implementation Best Practices

Today’s attackers have become cloud security experts, abusing cloud APIs to deploy ransomware, mine cryptocurrency, or steal data. Andre Rall, former Head of Account Takeover for AWS Fraud Prevention, has seen it happen first hand and has some surprising stories to share.

Join a lively conversation with Rall, now Director of Cloud Security at Uptycs, as we dive into:
• The different types of data that AWS makes available to cloud security practitioners 
• Why the reconnaissance phase of a cloud attack is where you should prioritize detection efforts
• How attackers abuse the AWS API to perform discovery, privilege escalation, and data exfiltration
• Offer advice on how organizations can defend their AWS estates from sophisticated threat actors

Threat Detection in AWS: Cloud security secrets from my time at AWS

Cloud Security

Threat Detection

Application Security

Cyber Security

IT Security

Information Security

Cloud

Cyber Attacks

Digital Transformation

CISSP

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Threat Detection in AWS: Cloud security secrets from my time at AWS

Presented by

About this talk

More from this channel