Cloud Infrastructure Cyber Kill Chain

Cloud breaches are on the rise, and none of these breaches are small. Understanding the TTPs is key to determining where to look amongst the plethora of services available through AWS. In this session, we'll enumerate sources of forensic evidentiary data amongst the vastness of AWS. A clearly defined methodology will be provided as a baseline for combing through this data in a precise and expedited way. Examples from real-world breaches will be highlighted providing practical approaches to exposing the attacker's methods and compromise.

Speaker Bio:
Michael T. Raggo has over 20 years of security research experience. Over the years he has uncovered numerous vulnerabilities in commercial networking, mobile, and security products including Samsung, CheckPoint, and Netgear. His current research focuses on Cloud security. His research has been highlighted on television’s CNN Tech, and numerous media publications including TIME, Forbes, Bloomberg, Dark Reading, TechCrunch, TechTarget, The Register, and countless others. Michael is the author of “Mobile Data Loss: Threats & Countermeasures” and “Data Hiding: Exposing Concealed Data” for Syngress Books. His Data Hiding book is also included at the NSA’s National Cryptologic Museum at Ft. Meade. A former security trainer, Michael has briefed international defense agencies including the FBI, Pentagon, and Queensland Police; and is a former participating member of FSISAC/BITS and the PCI Council. He is also a frequent presenter at security conferences, including Black Hat, DEF CON, Gartner, RSA, DoD Cyber Crime, OWASP, HackCon Norway, and SANS. He was also awarded the Pentagon’s Certificate of Appreciation.