Security Bsides Knoxville 2021: A Live Simulation of Advanced Cloud Misconfiguration Attacks
In this talk, Josh Stella will run a live simulation of an advanced cloud misconfiguration exploits to show a number of ways common cloud architectural anti-patterns create opportunities for hackers to gain entry to cloud environments, move laterally using tools like IAM services, and ultimately discover and breach data. Many of the misconfigurations exploited won’t be flagged by compliance scans and often aren’t considered risky by security teams.
Secure 360: Locking Down the Security of Cloud IAM
In this talk, Fugue CEO Josh Stella will unpack the complex layers of cloud IAM security to help you think more critically about security for your unique cloud use cases. You’ll understand how to identify common IAM misconfiguration vulnerabilities you’ve missed before—and how malicious actors exploit them. Specifically, this talk will cover IAM misconfigurations that compliance won’t catch:
- How attackers take advantage of IAM misconfigurations
- Evaluating your cloud environment for IAM vulnerabilities
- Strategies for remediation and building security into cloud design
Secure 360: A Live Simulation of an Advanced Cloud Misconfiguration Exploit
Josh Stella, CEO of Fugue, will walk through a live demonstration of how hackers take advantage of common cloud misconfigurations to gain access to environments, move laterally, and extract sensitive data. All along the way, he’ll share tips and strategies for identifying misconfiguration vulnerabilities in your cloud environment and how to go about eliminating them.
ISSA Cyber Security Executive Summit 2021
Fugue is proud to be a sponsor of ISSA's quarterly gathering. Join Fugue at our virtual booth to learn how Fugue secures the entire Cloud Development Lifecycle (CDLC) from Infrastructure as Code to running cloud environments using the same open-source policy as code. Fugue helps security teams gain visibility over cloud environments and discover misconfiguration vulnerabilities and helps cloud applications and DevOps teams move faster without breaking the rules designed to keep infrastructure and data safe.
DevOps Days Raleigh: To Secure Your Cloud Think Like a Hacker
Josh Stella, Fugue's Co- Founder and CEO will speak about how the cloud has changed the way hackers operate, and you need to change how you think about securing your cloud assets against this new generation of exploits. Josh will walk through a simulation of an advanced cloud misconfiguration exploit. He’ll explain at every step how common—but frequently overlooked—mistakes leave cloud data vulnerable, and how most cloud-based data breaches go undetected, even long after the fact. You’ll gain fresh insights into how to think critically about your cloud security posture and how to identify and eliminate serious misconfiguration risks. In this session, you’ll learn:
- How cloud misconfigurations occur and why they go frequently go undetected
- How to assess your cloud environment for misconfiguration vulnerabilities
- How to prevent misconfigurations using policy-as-code