Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Securing The Sky Strategies For Protecting Agai...

Sena Yakut
March 31, 2024
0
120

Securing The Sky Strategies For Protecting Against Cloud Hacking

Sena Yakut

March 31, 2024
Tweet

More Decks by Sena Yakut

See All by Sena Yakut
Securing Large Language Models- Threats and Mitigations
senayakut
0
29
Cloud Security Engineering: The Profession of the Future
senayakut
0
37
Gateway to Cloud Security Heaven: Our AWS Expedition
senayakut
0
280
DevSecOps Best Practices- Secure Everything You Have
senayakut
0
140
Cloud Security From Scratch
senayakut
0
80
Cloud Security 101: Ultimate weapon against cyber threats
senayakut
0
110
Journey to the Cloud: An Introduction and Security Overview
senayakut
0
41
Explore Ten Ways to Secure The Cloud
senayakut
0
59
PartyRock-Your Security Supporters
senayakut
0
48

Featured

See All Featured
How to train your dragon (web standard)
notwaldorf
88
5.7k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
33
1.9k
KATA
mclloyd
29
14k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
356
29k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
31
2.7k
The Illustrated Children's Guide to Kubernetes
chrisshort
48
48k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
47
2.1k
Designing for humans not robots
tammielis
250
25k
[RailsConf 2023] Rails as a piece of cake
palkan
52
4.9k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
44
6.8k
Stop Working from a Prison Cell
hatefulcrawdad
267
20k
Making Projects Easy
brettharned
115
5.9k

Transcript

  1. Sena Yakut Securing the Sky: Strategies for Protecting Against Cloud

    Hacking /sena-yakut @sena_yakutt senayakut.com

  2. Cloud providers Product requirements Shared responsibilities Cloud security: Management nightmare

  3. Cloud resources Attack surfaces Tools & Experience Cloud security: Management

    nightmare

  4. We love the cloud, so attackers do. Orca Security, 2024

    State of Cloud Security Report

  5. Do not use public resources unless you really really need.

    Sysdig, 2024 State of Cloud Security Report - Storage resources (Azure Blob, AWS S3, EBS, EFS), - Exposed sensitive data, - Container registries –> Getting credentials from it, - Write to public resources & destroy environments, - Denial of Wallet amplification attack –> AWS S3, - Publicly accessible databases, - Amazon SageMaker publicly accessible notebooks.

  6. Be aware of your resources. - Which resources, where and

    why? - What are the possible vulnerabilities? - What are the misconfigurations? - What are the endpoints?

  7. Be aware of your resources. CSPM is not enough, but

    it is a good start.

  8. Please read the documentation. - The following documentation ensures that

    security features are configured correctly, - Maximizing protection against threats, - Cloud engineers are updated on new security features and best practices, - Maximizing the use of documentation minimizes reliance on external support, saving time and resources.

  9. Get alert from everything you need. - Anomalies, - Cloud

    resource threats, - Cloud resources configuration changes, - Verify alerts and get details from it, - Have a plan for alerts.

  10. Monitor everything. - Constant monitoring enables early detection of suspicious

    activities or anomalies. - Timely monitoring allows for rapid response to security incidents. - Monitoring provides valuable insights into emerging threats and attack patterns. - Monitoring resource usage helps control costs and prevent unnecessary expenses.

  11. Dance like no one is watching. Encrypt like everyone is.

    - Encrypt in transit, - Encrypt in rest, - Follow best practices in the encryption stage, - Follow up cyber security world for encryption changes

  12. Be open to change.

  13. Do not isolate teams. - Everyone needs security, - Each

    team brings unique skills and perspectives to the table, - Improved visibility across teams helps identify and address security risks more effectively, - Avoid duplication of efforts and resources,

  14. Think ‘what if’ - Consider potential scenarios and their impacts

    on cloud security posture, - Identify vulnerabilities and weaknesses before they can be exploited, - Use 'what if' scenarios to drive ongoing security enhancements and updates, - Evaluate how different scenarios may affect regulatory compliance and take necessary precautions.

  15. Thanks! senayakut.com /sena-yakut @sena_yakutt