
The Detection Series: Prevalent cloud techniques

We’re changing things up in the next installment of the Detection Series. Instead of focusing on a specific endpoint technique or tactic, we’re going to explore how adversaries compromise and navigate their way through Azure and Amazon Web Services (AWS) cloud systems.

On-demand

60 mins.

Virtual

Drawing on the real-world experience of cloud security experts from across the industry, we’ll construct a hypothetical narrative detailing how adversaries gain initial access to cloud systems, elevate their privilege levels, persist, and more. Throughout this webinar, you’ll learn how adversaries are attacking cloud systems, and what you can do to gain observability, broaden detection coverage, respond to threats, mitigate risks, and test your security controls. 

Some of the key techniques we’ll cover include:

  • T1078.004: Cloud Accounts
  • T1098.001: Additional Cloud Credentials
  • T1059.009: Cloud API

We’ll also examine device code phishing, how privilege escalation in the cloud differs from privilege escalation on endpoints, and much more.

Join us for actionable strategies on how to harden and better defend your organization against cloud threats. 

 
Thomas Gardner
Senior Detection Engineer | Red Canary
As a Detection Engineer at Red Canary, Thomas gets into the weeds of attacker behavior and incident analysis. He always tries to dig into overlooked areas with a special focus on Linux and Cloud environments. Prior to Red Canary, he spent several years at a global telecom working in incident response and threat intelligence roles.
 
Justin Schoenfeld
Senior Threat Researcher | Red Canary
Justin is responsible for analyzing new cloud attack techniques and understanding different telemetry sources. He gained his B.A. in Computing Security from the Rochester Institute of Technology. His love for cloud and identity telemetry came from his experience with analyzing email-based attacks while serving as a Detection Engineer within Red Canary's Customer Security Operations team.
 
Casey Knerr
Cybersecurity Engineer | MITRE
Casey is a cybersecurity engineer at MITRE and a member of the MITRE ATT&CK for Enterprise team, where she provides cloud expertise. Prior to joining MITRE, she worked as a penetration tester and completed a BSFS in Science, Technology, and International Affairs at Georgetown University and an MSc in Computer Science at the University of Oxford.
 
Jose Hernandez
Cloud Threat Researcher
Jose is a Distinguished Cloud Threat Researcher. Previously, he founded and led the Threat Research team at Splunk (STRT). Jose is known for creating several security-related projects, including Splunk Attack Range, Splunk Security Content, LOLDrivers, Git-Wild-Hunt, Melting-Cobalt, and BlackCert. He also works as a maintainer for the Atomic Red Team.
 
 