Developer Week Global

Josh Stella, Fugue Co-Founder and CTO will speak on: "To Secure Your Cloud, Think Like a Hacker"
The cloud has changed the way hackers operate, and you need to change how you think about securing your cloud assets against this new generation of exploits.

Josh will walk through a simulation of an advanced cloud misconfiguration exploit. He’ll explain at every step how common—but frequently overlooked—mistakes leave cloud data vulnerable, and how most cloud-based data breaches go undetected, even long after the fact.

Cloud Security Masterclass: Blowing Up Serverless Security with IAM (And How to Avoid It)

Josh Stella (co-founder and CTO) is joined again by Curtis Myzie (VP of Engineering) and Wayne Crissman (Director of Security) to dig into the role IAM plays with serverless security, how IAM misconfigurations put data at risk, and why these mistakes are so easy to make and common in enterprise cloud environments.

This session will cover: 

• The IAM attack surface with serverless cloud environments 
• The strategies hackers use to exploit IAM misconfigurations
• How to spot these mistakes and eliminate them

Sonotype All Day DevOps

Fugue is proud to be an alumni supporter of All Day DevOps, the first 24 hour event on all things devops

AWS Bay Area Community Day

Fugue is proud to participate this community led event. The event allows people in the region to come together and connect with each other without the hustle and bustle of re:Invent and re:Inforce 

Josh Stella will be speak on "Building a Highly Secure Amazon S3 Bucket"

Developer Week-Austin Virtual

Speaking Session: Pen Testing in the Age of Cloud:  Fugue co-Founder and CTO Josh Stella will walk through how Fugue developed a thorough understanding and approach when evaluating pen test vendors. Cloud service providers (CSPs) are now responsible for the physical security for their data centers. But, in cloud, you need to be concerned with a lot more potential attack surface.
Pen testing helps with the discovery of weaknesses in your code. During this talk Josh will discuss 2 approaches to pen testing, how to assess skills of a pen testing team and white hat hackers.

Cloud Security Masterclass: Screaming at the Cloud With Corey Quinn 

“The only way to know everything you have running in AWS is to look at your AWS bill.” - Corey Quinn

In the next Cloud Security Masterclass, Fugue CTO Josh Stella is joined by Corey Quinn, Chief Cloud Economist at the Duckbill Group, host of the Screaming in the Cloud podcast, and curator of the Last Week in AWS newsletter. 

This will be a fun, freewheeling session with live Q&A throughout in which Josh and Corey will tackle a variety of topics, including: 

• The common mistakes we make in the cloud that blow up our bills and our security 
• When multi-cloud strategies are the right approach and why that’s pretty much never 
• The relationship between managing cloud costs and getting cloud security right 

AWS re: Invent

Fugue is proud to be a sponsor of AWS re:Invent 2020. See you there!

Webinar-Cloud Infrastructure Misconfiguration Risk: What you Need to Know to Prevent Critical Breaches

Learn how to tackle cloud infrastructure misconfiguration. Learn what cloud misconfiguration is, the automated threats to cloud infrastructure, and how to automate prevention of misconfiguration.

Cloud Security Masterclass: Pen Testing Your Cloud

Pen testing is standard security practice for simulating attacks to identify system vulnerabilities, and most industry compliance audits require them. But most pen testing efforts overlook the number one risk in the cloud: resource misconfiguration. 

In this Cloud Security Masterclass, Fugue CTO Josh Stella will walk what pen testing your cloud security posture looks like, how to approach it in house, and how to evaluate vendors to ensure they understand cloud misconfiguration and how to exploit it. 

This session will be conducted live via Zoom with real-world misconfiguration exploit examples and actionable information you can use to begin incorporating your cloud attack surface in your pen testing plan.