Security BSides Las Vegas 2024

Adversaries Also Lift & Shift: Cloud Threats Through the Eyes of an Adversary
2024-08-06, Florentine E

In this talk, we delve into the evolving landscape of cybersecurity threats in cloud environments, showcasing how adversaries are shifting tactics from traditional breaches to sophisticated cloud-specific attacks. No longer merely "breaking in," attackers are now "logging in," leveraging the cloud's unique vulnerabilities and features to their advantage. We explore the sophisticated tools and strategies these adversaries employ, from exploiting misconfigurations and weak access management to manipulating cloud-native functionalities. This presentation highlights the critical shift in attacker techniques and the imperative for defenders to adopt cloud-native security strategies. Through real-world case studies and analysis of successful breaches, attendees will gain invaluable insights into the attackers' mindset and the evolving attack vectors effective in cloud scenarios. This talk aims to equip cybersecurity professionals with the knowledge to anticipate, identify, and defend against these advanced tactics, promoting a proactive and resilient defense posture against the ever-changing threat landscape in cloud environments.


Adversaries are not “breaking in”; they are “logging in”. They are innovating, adapting their techniques to exploit the unique opportunities and vulnerabilities presented by cloud environments.
This talk dives deep into the minds and methods of attackers as they navigate the shift from traditional on-premises environments to the vast, dynamic expanse of the cloud.
This talk will uncover the nuanced strategies, sophisticated tools, and evolving targets of these adversaries, emphasizing their opportunistic adaptation to cloud-specific security gaps. Attendees will gain insights into the latest attack vectors that are uniquely effective in cloud environments, from exploiting misconfigurations and weak identity and access management policies to leveraging insecure APIs and manipulating cloud-native features. We will explore how attackers perceive the cloud as a fertile ground for exploitation, adapting their mindset to the cloud’s architectural complexities and the inherent challenges it poses to traditional security paradigms. Highlighting a pivotal shift, this presentation will reveal that attackers have fundamentally changed their techniques, moving away from the approaches we've known so far, necessitating that defenders undergo a similar transformation to effectively counteract these advanced threats. By highlighting real-world case studies and dissecting successful cloud breaches, this presentation aims to provide a comprehensive understanding of the attacker's perspective, revealing how their approaches shift in response to cloud adoption. Attendees will leave with a profound understanding of the critical need for cloud-native security strategies and the knowledge to anticipate, identify, and defend against the sophisticated tactics employed by adversaries in the cloud. This talk is designed to arm cybersecurity professionals with the insights needed to fortify their cloud environments against the ever-evolving threat landscape, ensuring a proactive and resilient defense posture in the face of cloud-centric attacks.

Roei Sherman, Field CTO at Mitiga, is a seasoned expert in Cloud Incident Response and adversarial cybersecurity. His career, spanning over ten years in cybersecurity roles, showcases a specialization in Red Team operations. Roei's approach is marked by an adversarial mindset and guerrilla tactics, aiming for a proactive defense in a variety of security engagements that encompass training, lectures, and consulting. His expertise is rooted in a distinguished background, including roles in a Field Intelligence unit of the IDF, where he continues to serve in the Reserve. Roei has also played key roles at AB InBev as Global Director of Offensive Services and led significant projects as an information security consultant and Red Team leader for EY Israel. His technical breadth covers a wide range of areas including Red Team engagements, social engineering, physical security, and incident response across diverse platforms. Roei's academic foundation enhances his professional endeavors, holding a B.A. degree in Business Administration with a major in Cyber Security and an M.A. in Criminology. Beyond his primary role, he contributes as a co-organizer of BSidesTLV and serves on the CFP team for Diana's Initiative, demonstrating his commitment to advancing the cybersecurity community.

Adi

Adi is an experienced security manager, used to leading teams to protect some of the most sensitive systems around. While her background was originally as a software developer and manager, she was most recently Vice President of Cybersecurity at JPMorgan Chase & Co., one of the largest banks in the world. Adi is now serving as Director of IT & Security at Mitiga.
Ms. Belinkov has well over a decade of experience in management roles, with security, operations, and development teams. She works closely with developers, QA engineers, DevOps, and product managers to deeply embed security into their daily workflows, often delivering internal training sessions. Adi has a pragmatic understanding of organizational constraints and requirements, and leverages these to ensure we deliver the optimal results to stakeholders.
Adi has served in the famous 8200 unit in the IDF, and has a degree in Software Engineering and an Executive MBA. She also volunteers for SheCodes, and previously ran one of the chapters.