Sebastian Walla
Sebastian Walla is an expert for Cloud Threat Intelligence. He is the deputy manager of the Emerging Threats team focusing on Cloud Threat Intelligence at CrowdStrike. Since 4 years Sebastian worked as a reverse engineer and has been focusing on cloud intrusions for a couple of years.
Sebastian studied Cybersecurity, has a Masters in Computer Science, and published a paper on automatically identifying and exploiting tarpit vulnerabilities to fight malware. He further holds the GREM and GCLD certification and presented at Euro S&P 2019 and Fal.Con 2023.
Session
Cloud security incidents have increased significantly in recent years, with cloud-conscious attacks more than doubling in 2023 according to CrowdStrike Intelligence statistics. Based on over 180 cases sourced from CrowdStrike incident response, managed threat hunting, and managed SOC services which are highly reflective of the actual threat environment that companies face every day, this talk gives an overview of the most common tactics, techniques, and procedures (TTPs) that adversaries use when compromising the cloud. We will be looking into two incident response cases where actors gain unauthorized access, exfiltrate data, and deploy ransomware.
Defenders walk away from this talk with a clear picture of what the most common techniques are, how to hunt for the presented techniques, and how to defend against them.