James Condon, Director of Security Research @ Lacework
Topics:
What are realistic and actually observed cloud threats today? How did you observe them at Lacework?
Cloud threats: are they on-premise style threats to cloud assets? We hate the line “cloud is just somebody else’s computer” but apparently threats actors seem to think so?
What is the 2nd most dangerous cloud issue after configuration mistakes?
Why is it so common for organizations to have insecure configurations in their cloud environments?
Give me a few examples of the most common mistakes organizations make, and what they can do to avoid those configurations.
Cloud malware and ransomware / RansomOps, are these real risks today?
Are we finally seeing the rise of Linux malware at scale (in the cloud)?
As multi cloud expands in popularity, what are threat actors doing in this area?
Are actors customizing their attacks on a per-cloud basis (AWS, GCP, Azure)?