[Online Event] Cloud Breach Incident Response & Forensics
Details
Join us on Thursday, December 3rd for the last Talkin' Security event of the year.
=====
ATTENTION!
Online meeting details below
Meeting link: https://cisco.webex.com/cisco/j.php?MTID=m5dbbf83c67a5a88e57e951d07ffdef48
Meeting number (access code): 162 876 7400
Meeting password: QVqkQMJU446 (78757658 from phones)
=====
AGENDA
5:20 - 5:30pm: Introduction
5:30 - 6:30pm: Michael T. Raggo - Cloud Breach Incident Response & Forensics
Speaker bio:
Michael T. Raggo has over 20 years of security research experience. Over the years he has uncovered numerous vulnerabilities in products including Samsung, Check Point, and Netgear. His current research focuses on hybrid cloud security risks and threats. Michael is the author of “Mobile Data Loss: Threats & Countermeasures” and “Data Hiding” for Syngress Books, and a contributing author for “Information Security the Complete Reference 2nd Edition”. His Data Hiding book is also included at the NSA’s National Cryptologic Museum at Ft. Meade. A former security trainer, Michael has briefed international defense agencies including the FBI, Pentagon, and Queensland Police, and is a former participating member of FS-ISAC/BITS and the PCI Council. He is also a frequent presenter at security conferences, including Black Hat, DEF CON, Gartner, RSA, DoD Cyber Crime, OWASP, HackCon Norway, and SANS. He was also awarded the Pentagon’s Certificate of Appreciation.
Summary of the talk:
Cloud breaches are on the rise, and none of these breaches are small. Understanding the TTPs is key to determining where to look among the plethora of services available through Cloud Service Providers such as AWS and Azure. In this session we'll enumerate sources of forensic evidentiary data among the vastness of AWS CloudTrail, GuardDuty, Microsoft Graph, and more. A very clearly defined methodology will be provided as a baseline for combing through this data in a precise and expedited way. Examples from real-world breaches will be highlighted, providing practical approaches to exposing the attacker's methods and compromise.
