Name: From Setup to Lockdown: A Complete Guide to Amazon S3 Security Configuration
Start: 2025-02-20T18:00:00Z
End: 2025-02-20T18:00:36.000Z
Location: BrightTALK
Rating: 5

At Cloud Storage Security, we pride ourselves on helping organizations across the globe prevent the spread of malware, locate sensitive data, and assess their storage environments in order to extend data privacy, meet compliance requirements, and manage security mandates.
 
Content on this channel is designed for CISOs, SAs, Engineers, MSPs, Auditors and others who are responsible for data security in the cloud.

 Learn more at www.CloudStorageSec.com. 

Cloud Storage Security’s internal threat laboratory, Casmer Labs, has been hard at work discovering and identifying the most current and pressing threats to organizations that operate in the cloud.

In the first quarter of  2025, infostealers, leaked credentials, and misconfigurations were the most prominent threats to organizations that store data in the cloud, resulting in tens of millions of records lost as well as the reputational damage that accompanied it.

Join us for this technical talk, where we will:  
Demonstrate how the most popular strains of malware operate within a testing environment
Analyze how leaked credentials and misconfigurations result in severe data loss
Educate viewers on how to prevent similar incidents from compromising their sensitive data stores

Inside Q1 2025’s Most Dangerous Cloud Storage Threats

Cloud Storage Security’s internal threat laboratory, Casmer Labs, has been hard at work discovering and identifying the most current and pressing threats to organizations that operate in the cloud.

In the first two months of 2025, infostealers such as Mirai dominated the charts as the most popular strains of malware detected by our laboratory. However, in March, different manners of threats reared their ugly heads.

Join us for this technical talk, where we will:  

Demonstrate how the most popular pieces of malware operate in a testing environment 

Outline how organizations can adapt security practices to prevent the intrusion and eventual detonation of malware

Top Malware Threats of March 2025: What You Need to Know

The vast majority of regulations contained within PCI-DSS v4.0 comes into effect on March 31, 2025. In order to better protect payment card information (PAN), the Payment Card Industry council has introduced malware scanning requirements designed to protect data stored within the cloud.

Join us for this technical talk, where you will:  
           
Learn how to satisfy malware scanning requirements contained within PCI-DSS v4.0 Requirement 5

Learn how to configure the relevant services and controls related to malware scanning in order to keep compliant

Data Security and PCI-DSS v4.0: How Your Organization Can Prepare for Compliance

Cloud Storage Security’s internal threat laboratory, Casmer Labs, has been hard at work discovering and identifying the most current and pressing threats to organizations that operate in the cloud.

In February 2025, the top two most popular malware strains that Casmer Labs detected were Mirai, a well-known botnet malware that targets IoT devices to launch DDoS attacks, and Prometei, a similarly dangerous botnet malware. 

Join us for this technical talk, where we will:  
Demonstrate how these pieces of malware work in a testing environment 
Outline how organizations can adapt security practices to prevent the intrusion and eventual detonation of malware

Top Malware Threats of February 2025: What You Need to Know

Cloud Storage Security’s internal threat laboratory, Casmer Labs, has been hard at work discovering and identifying the most current and pressing threats to organizations that operate in the cloud.    In January 2025, the top two most popular malware strains that Casmer Labs detected were SnakeKeyLogger, a widely distributed infostealer targeting credentials, and RustyStealer, a sensitive data-harvesting Trojan. 

In this technical talk, put together for Solution Architects, DevOps, Engineers, Cloud Security Personnel, CISOs, CTOs, and CIOs, we: 
  - Demonstrate how these pieces of malware work in a testing environment 
  - Outline how organizations can adapt security practices to prevent the intrusion and eventual detonation of malware

Top Malware Threats of January 2025: What You Need to Know

Year after year, more data moves into the cloud. While the physical state of data remains the same as it did on-premises, the inherent accessibility of the cloud presents a unique set of challenges that require attention, research, time and monetary investment to address. By attending, you’ll learn:
  -  Why security for storage in the cloud is different from security for servers, networks, and endpoints
  -  What a security strategy should include to protect cloud storage
  -  How to evaluate potential solutions

Building a Strategy to Secure Your Cloud Storage

A new ransomware campaign dubbed Codefinger is targeting Amazon S3 users.  What's notable about this approach is that the attackers leverage compromised AWS credentials to access and encrypt the victim’s data via AWS server-side encryption with customer-provided keys.  In this session from Cloud Storage Security’s threat laboratory, Casmer Labs, learn how Codefinger works, including a simulation of the steps an attacker could take, and how to protect against it.

Codefinger: A Ransomware Threat from Within

Ransomware strains, cyberattack strategies and threat actors are constantly evolving and 2024 was no different. While there are hundreds of ways your cloud storage resources can be compromised, a few new developments in the last year have resulted in significant data breaches, substantial compliance violations, and tens of millions of dollars in fines and reputational damage. Tune in to learn more about:
  - Major cloud storage security vulnerabilities, attack methods, and strains of malware that became popular in 2024
  - Whether your organization needs to address them
  - Strategies you can implement to protect against the inevitable flow of new threats in the year ahead

The Nastiest Threats to Cloud Storage in 2024 & What to Avoid in 2025

The fallout of a ransomware attack can be complex, costly and time-consuming. Prevention is key. Cloudticity and Cloud Storage Security provide guidance and tooling, enabling you to take action. Tune in for an introduction to:

- How to detect ransomware in cloud storage 
- How to detect ransomware in cloud infrastructure
- How to manage the cybersecurity life cycle

Ransomware Solutions and How We Can Help

For Change Healthcare and other recent victims, critical security protocols were not enabled, making them low hanging fruit in the eyes of attackers. You can do better. A layered defense strategy is critical when it comes to stopping ransomware. Is your organization following these best practices?  

- Enabling cross-region/multi-zone backups 
- Simulated testing
- Scanning the code level

Find out what you can do today to lower your risk.

Best Practices for Ransomware Prevention, Defense, and Mitigation

Ransomware can paralyze a company, halting operations and disrupting its ability to provide care. This talk highlights recent notable ransomware attacks in the healthcare industry and what went wrong, touching on entry points, attack signals, and the cost of not having a plan in place. Join us to learn from the missteps of Change Healthcare and others.

Ransomware Challenges in Healthcare

This episode of Security LIVE! with Rich Vorwaller, Chief Product Officer, and Velizar Demirev, Customer Success Leader, with Cloud Storage Security (CSS), discussed how they help ensure business’ most important information doesn’t get into the wrong hands. with AWS hosts, Ryan Orsi and Himanshu Verma.

Security LIVE! with Cloud Storage Security | S3 E32

Join us for a brief demo of GenAI Secure by Cloud Storage Security. In this demo we will walk through how to secure your Generative AI models. We'll discuss how easy it is to protect a bucket, and how to push results to preferred notification routes. Forensic analysis, DLP and Malware Detection will also be covered.

What you will learn:
- How to protect a bucket
- How to initiate a scan, engines
- Picking a scanning engine
- Viewing AV results
- Viewing DLP results
- Custom, regular expression creation
- Bedrock forensic analysis

GenAI Secure Demo

Generative AI (GenAI) presents unique challenges for businesses of all sizes. Accelerating progress on one front, GenAI has a darker side that can leave businesses vulnerable to malware and sensitive data leakage. GenAI Secure offers a simple yet effective solution that can protect AWS environments from malware and data leakage brought from work with Generative AI, external datasets, and more.

Using the Ship of Theseus thought experiment, Rich draws parallels to CSS's philosophy of building adaptable and modern solutions rather than relying on outdated methods. This webinar will walk you through our integration with Amazon Bedrock, which furthers GenAI Secure's protection by offering comprehensive threat intelligence and custom policy creation. Through these methods, Artificial Intelligence models are kept free from malicious code and threats, while sensitive data is secured.

What you will learn:
- GenAI Secure Overview - Understand how CSS protects your AWS and downstream data from the threat of AI
- Advanced Protection Features - Learn about our integration with Amazon Bedrock for enhanced threat intelligence and more
- Practical Deployment Insights - Discover helpful insights on the real-world applications of GenAI Secure in various customer environments

How to Protect Generative AI Models Using GenAI Secure

AWS Well-Architected Framework Reviews (WAFRs) can be complicated and time-consuming. Many cloud architects find themselves overwhelmed with issues to remediate. Kion and Cloud Storage Security have teamed up to provide you with guidance and tooling to take action and become well-architected by default. Tune in to learn:
- How to rapidly align your architecture to the Well-Architected Framework
- How to meet security pillar best practices for securing data and infrastructure
- How Kion and CSS can help you pass a WAFR

Applying the AWS Well-Architected Framework for Infrastructure & Storage (Demo)

Is your organization preparing for or undergoing an Amazon Web Services (AWS) Well-Architected Framework Review (WAFR)?

Tune into this talk to learn:
- Common challenges encountered when preparing for a WAFR
- How to remove obstacles and accelerate passing a WAFR
- Getting Started: Addressing the operational excellence, security and cost optimization pillars

AWS Well-Architected: Operational, Security and Cost Optimization Best Practices

As organizations continue to move their storage, workloads, and applications to the cloud, it can be easy to forget the most important part of cloud computing: data protection and posture management. 

Join theCUBE and Cloud Storage Security for a conversation on how data stored in the cloud can become a liability and what organizations can do to mitigate that risk.

When Data Becomes Dangerous

In 2024, a number of high-profile organizations experienced data breaches due to publicly accessible Amazon S3 buckets and 2025 is shaping up to be no different. The problem that most organizations face is that implementing effective protection for Amazon S3 involves navigating a variety of access control options. Whether you’re managing permissions through IAM roles, Access Control Lists (ACLs), or bucket policies, using the right tools and techniques for specific use cases is essential.

This technical webinar outlines advanced security practices for Amazon S3, helping you choose the best options and ensuring the safety and security of your most important asset: your data.

From Setup to Lockdown: A Complete Guide to Amazon S3 Security Configuration

Amazon S3

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

The storage community on BrightTALK is made up of thousands of storage and IT professionals. Find relevant webinars and videos on storage architecture, cloud storage, storage virtualization and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Storage

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

From Setup to Lockdown: A Complete Guide to Amazon S3 Security Configuration

Presented by

About this talk

More from this channel