If you ask a cloud security professional what are the biggest risks to their cloud environment, their answer would probably include things like publicly exposed storage buckets, leaked credentials, or over-permissive network access. But if we look beyond these commonly known mistakes and misconfigurations, it's often the case that the weak point of many cloud environments lies in the integration with on-premise or non-cloud infrastructure. Even with state of the art cloud security controls, a poorly secured Active Directory, for example, can often allow an attacker to walk in the back door and compromise a cloud environment.
This talk will explore the common scenarios of how this occurs and why cloud security professionals should still be concerned with securing on-premise. We will provide case studies from Mandiant incident response engagements that cover how specific gaps in network security, access management, and logging have exposed organizations to new threats in the cloud.