How organizations are getting hacked in the cloud, and quick wins to counter

This event is organized by our friends from DevOps Meetup Zürich.

They are more than happy to welcome everyone usually an OWASP Switzerland Meetup participant.

To register and see more details please go to
DevOps Meetup Zürich - on site event

They actually offer two talks in this event, but the most relevant for security enthusiasts is this one:

• 17:30 Door opening + Drinks
• 18:00-18:45 How organizations are getting hacked in the cloud, and quick wins to improve your security posture by Christophe Tafani-Dereeper

How organizations are getting hacked in the cloud, and quick wins to improve your security posture by Christophe Tafani-Dereeper

Cloud adoption is rising, in particular in Switzerland where AWS opened their first region last November. Cloud environments bring new challenges to secure identities, data and infrastructure - but security is first and foremost a matter of prioritization. Without knowing the actual threats you face, you can't efficiently direct your security investments.

In this talk, we'll demonstrate the most common ways companies are getting hacked on AWS and showcase real-world documented data breaches from recent years. We'll then discuss the best ways to protect against them—in particular, setting up secure defaults and ensuring that engineers can ship secure infrastructure without sacrificing speed. Through the process, we'll show that security best practices often align with DevOps ones, and that operational excellence typically leads to more secure cloud environments.

You'll leave this talk with actionable insights on what's critical to get right from the start, a practical overview of the open source tools you can use, and a shortlist of high-value security quick wins you can take to your AWS environment right away.