Developer Week

Josh Stella, Fugue Founder and CTO will present-Hacking the Cloud: Simulating Advanced Cloud Misconfiguration Exploits

Josh will walk through a live demonstration of how hackers take advantage of common⁠ but overlooked cloud misconfigurations to gain access to environments, jump from account to account, discover resources to target, and exfil sensitive data.
This session will be performed live in the terminal and the AWS console, and will cover advanced topics that primarily focus on AWS IAM (Identity and Access Management) service misconfigurations. While focused on AWS, the concepts are readily applicable to other cloud platforms such as Microsoft Azure and Google Cloud Platform.
At each step of the way, he’ll talk in detail about why these misconfigurations happen in every day cloud operations, how they’re taking advantage of them, and how these attacks can be prevented.

DevOps Days Charlotte

Josh Stella, CTO of Fugue, will walk through a live demonstration of how hackers take advantage of common⁠ but overlooked AWS IAM misconfigurations to gain access to environments, jump from account to account, discover resources to target, and exfiltrate sensitive data.

This session will be performed live in the terminal and the AWS console, and will cover advanced topics that primarily focus on AWS IAM (Identity and Access Management) service misconfigurations. While focused on AWS, the concepts are readily applicable to other cloud platforms such as Microsoft Azure and Google Cloud Platform.

At each step of the way, Josh will talk in detail about why these misconfigurations happen in every day cloud operations and how these attacks can be prevented. 

InfoSec World- Cloud Security Summit

Join Josh Stella Co-Founder and CTO and Wayne Crissman, Director of Security, as they discuss how traditional security approaches and solutions can’t prevent misconfiguration or detect associated data breaches; because cloud misconfiguration is a software engineering problem, not a security analysis problem. That’s good news, because with the right cloud security architecture, we can address cloud misconfiguration before hackers can find and exploit them.

The demonstration will utilize a running AWS cloud environment, but the concepts and misconfiguration risks are applicable to any cloud provider, including Microsoft Azure and Google Cloud Platform. You will see:

• Common, and dangerous, cloud misconfigurations and how hackers exploit them
• How to evaluate your cloud environment to identify misconfiguration vulnerabilities
• Strategies for eliminating misconfigurations without disrupting applications
• Tips on educating developers and cloud engineers on secure cloud architecture
• Building better collaboration and trust between security and application teams

O'Reilly Software Architecture Conference

Josh Stella, Fugue Founder and CTO will present-Securing Your Cloud Environment with Architecture Best Practices

Josh will run a live simulation of  advanced cloud misconfiguration exploits to show a number of ways common cloud architectural anti-patterns create opportunities for hackers to gain entry to cloud environments, move laterally using tools like IAM services, and ultimately discover and breach data.  

At each step, Josh will share alternative approaches to architecting cloud infrastructure services to ensure our applications run efficiently while denying bad actors the tools and means to exploit them. Attendees will leave with actionable insights to evaluate their own cloud environment for misconfiguration vulnerabilities, how to address them, and how to bake secure cloud architecture approaches into software development. 

O'Reilly Infrastructure and Operations  Conference

Josh Stella, Fugue Co-Founder and CTO will present Simulating Cloud-Native Exploits Live: To Understand and Prevent Them