Presented at QConSF 2015
Video available at http://www.infoq.com/presentations/attacker-profiling-security
When securing a system, what are the modern realistic threat scenarios that you should be protecting against? And how does use of an IaaS cloud provider shape these threats? This talk will take a deep dive into the murky world of offensive computing. You’ll gain a clear understanding of different types of attackers, their skill sets, and how compromises happen, with a specific focus on protecting cloud-based applications. Along the way you’ll laugh, you’ll cry, and you’ll shift uncomfortably in your seat as you come to the inevitable conclusion that many applications have inadequate security against modern attackers. You will leave the talk with a clear conviction to make your systems more secure, and a new mindset that will help keep your threats away.