SlideShare ist ein Scribd-Unternehmen logo

Hotels, Hookups and Video Conferencing: A Top 10 Countdown to 2020's Worst Data Breaches

DevOps.com
DevOps.com

This year has been full of surprises — and cloud security data breaches have been no exception. From hotel chains to dating apps and video conferencing, misconfigurations and mistakes have left many organizations with exposed data. Knowing how data breaches happen and how to prevent them from happening is key when it comes to defending your identities and data access. In this webinar, Eric Kedrosky, CISO and director of cloud research at Sonrai Security, dissects the top 10 notorious cloud data breaches from 2020, breaking down how each was caused and how they could have been prevented. This webinar will detail the anatomy of each type of data breach, what we can learn, what allowed the data breach to happen and the preventative measures. Join this webinar as we dissect the year’s top cloud data breaches and what caused them, including: Identity and authentication for data storage Public cloud misconfiguration Key and secret management Overprivileged identities Malicious Bad Actors

Technologie
1 von 36
Downloaden Sie, um offline zu lesen
Confidential Hotels, Hookups and Video Conferencing A Top 10 Countdown to 2020's Worst Data Breaches “We Dig Your Cloud”
Meet the Speakers Eric Kedrosky Director of Cloud Security Research & CISO Sonrai Security Mitch Ashley CEO & Managing Analyst Accelerated Strategies Group
2020 Data Breaches
Misconfigurations
10: Prestige Software
Lessons From Misconfigurations • Need comprehensive controls, applied to each domain • One technique doesn’t mean safety  • Block permissions with policies and constant monitoring for mistakes
Third-Party
9. Keepnet
Lessons From Third Party Breaches • Need comprehensive controls across all providers • Checks and audits are required • Vendors are targets too • Continuously maintain least privilege
Weak Authentication for Data Storage
8. Spotify
Lessons for Weak Authentication • Be careful trusting old school network protection • Protect EVERYTHING with authentication • Use proper network zoning for multi-tier application stacks
No Authentication for Data Storage
7. BlueKai
Lessons for No Passwords • Use passwords
Human Error
6. Vertafore
Lessons for Human Error • Continuously monitor access • Get to and maintain least privilege • Prevent overprivege
Key and Secret Management
5. WildWorks
Lessons Key and Secret Management • Multi-factor authentication is powerful • Use keys wisely • Looks for keys and secrets in code repos and open storage • Look for sloppy key exposure
Overprivilege
4. Cisco
Lessons from Overprivilege • Define adequate privilege for each account and workload • Compare permissions to usage and triage to get to least privileged • Establish protections for highly privileged accounts • Watch out for bad habits in creating overprivileged accounts
Insider Threats
3. Shopify
Lessons and Tactics for Insider Attacks • Highly privileged and “break glass” accounts must be supported, but such accounts must be used carefully • Separation of duties for dangerous activities is vital • Some security architectures make separation of duties tricky; root accounts are required for some functions
Admin Credentials
2. MobiFriends
Lessons and Tactics for Admin Credentials • Creating accounts and roles separate duties • Remove dormant admin accounts • Get to least privilege • Administrative credentials are only used for administrative tasks • Administrator privileges are appropriately logged and continuously monitored
Trial By Fire
1. Zoom
Lessons and Tactics for Security Teams • Continuous auditing and reporting • Integrate teams to shift left effectively • Prevent and remediate issues • Remove blind spots and gaps from Individual tools
Sonrai can help Identity and Data Protection for AWS, Azure, GCP, and Kubernetes Identity & data access complexity is a ticking time bomb in your cloud. Tens of thousands of pieces of compute, thousands of roles, and a dizzying array of interdependencies and inheritances. First-generation security tools miss this as evidenced by so many breaches. Sonrai Dig, our enterprise identity and data governance platform, de-risks your cloud by finding these holes, helping you fix them, and preventing those problems from occurring in the first place.
Confidential Q & A
Confidential Thank You! sonraisecurity.com “We Dig Your Cloud”

Empfohlen

How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...DevOps.com
 
Securing medical apps in the age of covid final
Securing medical apps in the age of covid finalSecuring medical apps in the age of covid final
Securing medical apps in the age of covid finalDevOps.com
 
Tirez pleinement parti d'Elastic grâce à Elastic Cloud
Tirez pleinement parti d'Elastic grâce à Elastic CloudTirez pleinement parti d'Elastic grâce à Elastic Cloud
Tirez pleinement parti d'Elastic grâce à Elastic CloudElasticsearch
 
Simplicity in Hybrid IT Environments – A Security Oxymoron?
Simplicity in Hybrid IT Environments – A Security Oxymoron?Simplicity in Hybrid IT Environments – A Security Oxymoron?
Simplicity in Hybrid IT Environments – A Security Oxymoron?Tripwire
 
Innovating at speed and scale with implicit security
Innovating at speed and scale with implicit securityInnovating at speed and scale with implicit security
Innovating at speed and scale with implicit securityElasticsearch
 
The Journey from Zero to SOC: How Citadel built its Security Operations from ...
The Journey from Zero to SOC: How Citadel built its Security Operations from ...The Journey from Zero to SOC: How Citadel built its Security Operations from ...
The Journey from Zero to SOC: How Citadel built its Security Operations from ...Elasticsearch
 
Security at the Speed of Software - Twistlock
Security at the Speed of Software - TwistlockSecurity at the Speed of Software - Twistlock
Security at the Speed of Software - TwistlockAmazon Web Services
 
Herding Pets and Cattle: Extending Foundational Controls Into the Cloud
Herding Pets and Cattle: Extending Foundational Controls Into the CloudHerding Pets and Cattle: Extending Foundational Controls Into the Cloud
Herding Pets and Cattle: Extending Foundational Controls Into the CloudTripwire
 

Empfohlen

How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...DevOps.com
 
Securing medical apps in the age of covid final
Securing medical apps in the age of covid finalSecuring medical apps in the age of covid final
Securing medical apps in the age of covid finalDevOps.com
 
Tirez pleinement parti d'Elastic grâce à Elastic Cloud
Tirez pleinement parti d'Elastic grâce à Elastic CloudTirez pleinement parti d'Elastic grâce à Elastic Cloud
Tirez pleinement parti d'Elastic grâce à Elastic CloudElasticsearch
 
Simplicity in Hybrid IT Environments – A Security Oxymoron?
Simplicity in Hybrid IT Environments – A Security Oxymoron?Simplicity in Hybrid IT Environments – A Security Oxymoron?
Simplicity in Hybrid IT Environments – A Security Oxymoron?Tripwire
 
Innovating at speed and scale with implicit security
Innovating at speed and scale with implicit securityInnovating at speed and scale with implicit security
Innovating at speed and scale with implicit securityElasticsearch
 
The Journey from Zero to SOC: How Citadel built its Security Operations from ...
The Journey from Zero to SOC: How Citadel built its Security Operations from ...The Journey from Zero to SOC: How Citadel built its Security Operations from ...
The Journey from Zero to SOC: How Citadel built its Security Operations from ...Elasticsearch
 
Security at the Speed of Software - Twistlock
Security at the Speed of Software - TwistlockSecurity at the Speed of Software - Twistlock
Security at the Speed of Software - TwistlockAmazon Web Services
 
Herding Pets and Cattle: Extending Foundational Controls Into the Cloud
Herding Pets and Cattle: Extending Foundational Controls Into the CloudHerding Pets and Cattle: Extending Foundational Controls Into the Cloud
Herding Pets and Cattle: Extending Foundational Controls Into the CloudTripwire
 
Building Elastic into security operations
Building Elastic into security operationsBuilding Elastic into security operations
Building Elastic into security operationsElasticsearch
 
Elastic Security: Your one-stop OODA loop shop
Elastic Security: Your one-stop OODA loop shopElastic Security: Your one-stop OODA loop shop
Elastic Security: Your one-stop OODA loop shopElasticsearch
 
Practical DevSecOps Using Security Instrumentation
Practical DevSecOps Using Security InstrumentationPractical DevSecOps Using Security Instrumentation
Practical DevSecOps Using Security InstrumentationVMware Tanzu
 
Operationalize with alerting, custom dashboards, and timelines
Operationalize with alerting, custom dashboards, and timelinesOperationalize with alerting, custom dashboards, and timelines
Operationalize with alerting, custom dashboards, and timelinesElasticsearch
 
Pentest as a Service Impact 2020
Pentest as a Service Impact 2020Pentest as a Service Impact 2020
Pentest as a Service Impact 2020DevOps.com
 
Empowering agencies using Elastic as a Service inside Government
Empowering agencies using Elastic as a Service inside GovernmentEmpowering agencies using Elastic as a Service inside Government
Empowering agencies using Elastic as a Service inside GovernmentElasticsearch
 
What is the Future of SIEM?
What is the Future of SIEM? What is the Future of SIEM?
What is the Future of SIEM? Elasticsearch
 
Keynote: Elastic Security evolution and vision
Keynote: Elastic Security evolution and visionKeynote: Elastic Security evolution and vision
Keynote: Elastic Security evolution and visionElasticsearch
 
Cloud Security for Dummies Webinar — The Identity Edition
Cloud Security for Dummies Webinar — The Identity EditionCloud Security for Dummies Webinar — The Identity Edition
Cloud Security for Dummies Webinar — The Identity EditionNetskope
 
Sam Herath - Six Critical Criteria for Cloud Workload Security
Sam Herath - Six Critical Criteria for Cloud Workload SecuritySam Herath - Six Critical Criteria for Cloud Workload Security
Sam Herath - Six Critical Criteria for Cloud Workload Securitycentralohioissa
 
SACON - Devops-container (Richard Bussiere)
SACON - Devops-container (Richard Bussiere)SACON - Devops-container (Richard Bussiere)
SACON - Devops-container (Richard Bussiere)Priyanka Aash
 
Making Cloud Security Part of Your DNA Webinar Slides
Making Cloud Security Part of Your DNA Webinar SlidesMaking Cloud Security Part of Your DNA Webinar Slides
Making Cloud Security Part of Your DNA Webinar SlidesNetskope
 
Keynote: Elastic Security evolution and vision
Keynote: Elastic Security evolution and visionKeynote: Elastic Security evolution and vision
Keynote: Elastic Security evolution and visionElasticsearch
 
Forrester Research: Securing the Cloud When Users are Left to Their Own Devices
Forrester Research: Securing the Cloud When Users are Left to Their Own DevicesForrester Research: Securing the Cloud When Users are Left to Their Own Devices
Forrester Research: Securing the Cloud When Users are Left to Their Own DevicesNetskope
 
The DevSecOps Showdown: How to Bridge the Gap Between Security and Developers
The DevSecOps Showdown: How to Bridge the Gap Between Security and DevelopersThe DevSecOps Showdown: How to Bridge the Gap Between Security and Developers
The DevSecOps Showdown: How to Bridge the Gap Between Security and DevelopersDevOps.com
 
Cure for the Common Cloud: How Healthcare can Safely Enable the Cloud
Cure for the Common Cloud: How Healthcare can Safely Enable the CloudCure for the Common Cloud: How Healthcare can Safely Enable the Cloud
Cure for the Common Cloud: How Healthcare can Safely Enable the CloudNetskope
 
2021 Open Source Governance: Top Ten Trends and Predictions
2021 Open Source Governance: Top Ten Trends and Predictions2021 Open Source Governance: Top Ten Trends and Predictions
2021 Open Source Governance: Top Ten Trends and PredictionsDevOps.com
 
#ALSummit: Accenture - Making the Move: Enabling Security in the Cloud
#ALSummit: Accenture - Making the Move: Enabling Security in the Cloud#ALSummit: Accenture - Making the Move: Enabling Security in the Cloud
#ALSummit: Accenture - Making the Move: Enabling Security in the CloudAlert Logic
 
Tomorrow Starts Here - Security Everywhere
Tomorrow Starts Here - Security Everywhere Tomorrow Starts Here - Security Everywhere
Tomorrow Starts Here - Security Everywhere Cisco Canada
 
Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelDavid J Rosenthal
 
Indianapolis Splunk User Group Dec 22
Indianapolis Splunk User Group Dec 22Indianapolis Splunk User Group Dec 22
Indianapolis Splunk User Group Dec 22WesComer2
 
Webdays blida mobile top 10 risks
Webdays blida mobile top 10 risksWebdays blida mobile top 10 risks
Webdays blida mobile top 10 risksIslam Azeddine Mennouchi
 

Weitere ähnliche Inhalte

Was ist angesagt?

Building Elastic into security operations
Building Elastic into security operationsBuilding Elastic into security operations
Building Elastic into security operationsElasticsearch
 
Elastic Security: Your one-stop OODA loop shop
Elastic Security: Your one-stop OODA loop shopElastic Security: Your one-stop OODA loop shop
Elastic Security: Your one-stop OODA loop shopElasticsearch
 
Practical DevSecOps Using Security Instrumentation
Practical DevSecOps Using Security InstrumentationPractical DevSecOps Using Security Instrumentation
Practical DevSecOps Using Security InstrumentationVMware Tanzu
 
Operationalize with alerting, custom dashboards, and timelines
Operationalize with alerting, custom dashboards, and timelinesOperationalize with alerting, custom dashboards, and timelines
Operationalize with alerting, custom dashboards, and timelinesElasticsearch
 
Pentest as a Service Impact 2020
Pentest as a Service Impact 2020Pentest as a Service Impact 2020
Pentest as a Service Impact 2020DevOps.com
 
Empowering agencies using Elastic as a Service inside Government
Empowering agencies using Elastic as a Service inside GovernmentEmpowering agencies using Elastic as a Service inside Government
Empowering agencies using Elastic as a Service inside GovernmentElasticsearch
 
What is the Future of SIEM?
What is the Future of SIEM? What is the Future of SIEM?
What is the Future of SIEM? Elasticsearch
 
Keynote: Elastic Security evolution and vision
Keynote: Elastic Security evolution and visionKeynote: Elastic Security evolution and vision
Keynote: Elastic Security evolution and visionElasticsearch
 
Cloud Security for Dummies Webinar — The Identity Edition
Cloud Security for Dummies Webinar — The Identity EditionCloud Security for Dummies Webinar — The Identity Edition
Cloud Security for Dummies Webinar — The Identity EditionNetskope
 
Sam Herath - Six Critical Criteria for Cloud Workload Security
Sam Herath - Six Critical Criteria for Cloud Workload SecuritySam Herath - Six Critical Criteria for Cloud Workload Security
Sam Herath - Six Critical Criteria for Cloud Workload Securitycentralohioissa
 
SACON - Devops-container (Richard Bussiere)
SACON - Devops-container (Richard Bussiere)SACON - Devops-container (Richard Bussiere)
SACON - Devops-container (Richard Bussiere)Priyanka Aash
 
Making Cloud Security Part of Your DNA Webinar Slides
Making Cloud Security Part of Your DNA Webinar SlidesMaking Cloud Security Part of Your DNA Webinar Slides
Making Cloud Security Part of Your DNA Webinar SlidesNetskope
 
Keynote: Elastic Security evolution and vision
Keynote: Elastic Security evolution and visionKeynote: Elastic Security evolution and vision
Keynote: Elastic Security evolution and visionElasticsearch
 
Forrester Research: Securing the Cloud When Users are Left to Their Own Devices
Forrester Research: Securing the Cloud When Users are Left to Their Own DevicesForrester Research: Securing the Cloud When Users are Left to Their Own Devices
Forrester Research: Securing the Cloud When Users are Left to Their Own DevicesNetskope
 
The DevSecOps Showdown: How to Bridge the Gap Between Security and Developers
The DevSecOps Showdown: How to Bridge the Gap Between Security and DevelopersThe DevSecOps Showdown: How to Bridge the Gap Between Security and Developers
The DevSecOps Showdown: How to Bridge the Gap Between Security and DevelopersDevOps.com
 
Cure for the Common Cloud: How Healthcare can Safely Enable the Cloud
Cure for the Common Cloud: How Healthcare can Safely Enable the CloudCure for the Common Cloud: How Healthcare can Safely Enable the Cloud
Cure for the Common Cloud: How Healthcare can Safely Enable the CloudNetskope
 
2021 Open Source Governance: Top Ten Trends and Predictions
2021 Open Source Governance: Top Ten Trends and Predictions2021 Open Source Governance: Top Ten Trends and Predictions
2021 Open Source Governance: Top Ten Trends and PredictionsDevOps.com
 
#ALSummit: Accenture - Making the Move: Enabling Security in the Cloud
#ALSummit: Accenture - Making the Move: Enabling Security in the Cloud#ALSummit: Accenture - Making the Move: Enabling Security in the Cloud
#ALSummit: Accenture - Making the Move: Enabling Security in the CloudAlert Logic
 
Tomorrow Starts Here - Security Everywhere
Tomorrow Starts Here - Security Everywhere Tomorrow Starts Here - Security Everywhere
Tomorrow Starts Here - Security Everywhere Cisco Canada
 
Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelDavid J Rosenthal
 

Was ist angesagt? (20)

Building Elastic into security operations
Building Elastic into security operationsBuilding Elastic into security operations
Building Elastic into security operations
 
Elastic Security: Your one-stop OODA loop shop
Elastic Security: Your one-stop OODA loop shopElastic Security: Your one-stop OODA loop shop
Elastic Security: Your one-stop OODA loop shop
 
Practical DevSecOps Using Security Instrumentation
Practical DevSecOps Using Security InstrumentationPractical DevSecOps Using Security Instrumentation
Practical DevSecOps Using Security Instrumentation
 
Operationalize with alerting, custom dashboards, and timelines
Operationalize with alerting, custom dashboards, and timelinesOperationalize with alerting, custom dashboards, and timelines
Operationalize with alerting, custom dashboards, and timelines
 
Pentest as a Service Impact 2020
Pentest as a Service Impact 2020Pentest as a Service Impact 2020
Pentest as a Service Impact 2020
 
Empowering agencies using Elastic as a Service inside Government
Empowering agencies using Elastic as a Service inside GovernmentEmpowering agencies using Elastic as a Service inside Government
Empowering agencies using Elastic as a Service inside Government
 
What is the Future of SIEM?
What is the Future of SIEM? What is the Future of SIEM?
What is the Future of SIEM?
 
Keynote: Elastic Security evolution and vision
Keynote: Elastic Security evolution and visionKeynote: Elastic Security evolution and vision
Keynote: Elastic Security evolution and vision
 
Cloud Security for Dummies Webinar — The Identity Edition
Cloud Security for Dummies Webinar — The Identity EditionCloud Security for Dummies Webinar — The Identity Edition
Cloud Security for Dummies Webinar — The Identity Edition
 
Sam Herath - Six Critical Criteria for Cloud Workload Security
Sam Herath - Six Critical Criteria for Cloud Workload SecuritySam Herath - Six Critical Criteria for Cloud Workload Security
Sam Herath - Six Critical Criteria for Cloud Workload Security
 
SACON - Devops-container (Richard Bussiere)
SACON - Devops-container (Richard Bussiere)SACON - Devops-container (Richard Bussiere)
SACON - Devops-container (Richard Bussiere)
 
Making Cloud Security Part of Your DNA Webinar Slides
Making Cloud Security Part of Your DNA Webinar SlidesMaking Cloud Security Part of Your DNA Webinar Slides
Making Cloud Security Part of Your DNA Webinar Slides
 
Keynote: Elastic Security evolution and vision
Keynote: Elastic Security evolution and visionKeynote: Elastic Security evolution and vision
Keynote: Elastic Security evolution and vision
 
Forrester Research: Securing the Cloud When Users are Left to Their Own Devices
Forrester Research: Securing the Cloud When Users are Left to Their Own DevicesForrester Research: Securing the Cloud When Users are Left to Their Own Devices
Forrester Research: Securing the Cloud When Users are Left to Their Own Devices
 
The DevSecOps Showdown: How to Bridge the Gap Between Security and Developers
The DevSecOps Showdown: How to Bridge the Gap Between Security and DevelopersThe DevSecOps Showdown: How to Bridge the Gap Between Security and Developers
The DevSecOps Showdown: How to Bridge the Gap Between Security and Developers
 
Cure for the Common Cloud: How Healthcare can Safely Enable the Cloud
Cure for the Common Cloud: How Healthcare can Safely Enable the CloudCure for the Common Cloud: How Healthcare can Safely Enable the Cloud
Cure for the Common Cloud: How Healthcare can Safely Enable the Cloud
 
2021 Open Source Governance: Top Ten Trends and Predictions
2021 Open Source Governance: Top Ten Trends and Predictions2021 Open Source Governance: Top Ten Trends and Predictions
2021 Open Source Governance: Top Ten Trends and Predictions
 
#ALSummit: Accenture - Making the Move: Enabling Security in the Cloud
#ALSummit: Accenture - Making the Move: Enabling Security in the Cloud#ALSummit: Accenture - Making the Move: Enabling Security in the Cloud
#ALSummit: Accenture - Making the Move: Enabling Security in the Cloud
 
Tomorrow Starts Here - Security Everywhere
Tomorrow Starts Here - Security Everywhere Tomorrow Starts Here - Security Everywhere
Tomorrow Starts Here - Security Everywhere
 
Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure Sentinel
 

Ähnlich wie Hotels, Hookups and Video Conferencing: A Top 10 Countdown to 2020's Worst Data Breaches

Indianapolis Splunk User Group Dec 22
Indianapolis Splunk User Group Dec 22Indianapolis Splunk User Group Dec 22
Indianapolis Splunk User Group Dec 22WesComer2
 
Top Azure security fails and how to avoid them
Top Azure security fails and how to avoid themTop Azure security fails and how to avoid them
Top Azure security fails and how to avoid themKarl Ots
 
Identity and Security in the Cloud
Identity and Security in the CloudIdentity and Security in the Cloud
Identity and Security in the CloudRichard Diver
 
Just Trust Everyone and We Will Be Fine, Right?
Just Trust Everyone and We Will Be Fine, Right?Just Trust Everyone and We Will Be Fine, Right?
Just Trust Everyone and We Will Be Fine, Right?Scott Carlson
 
6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight BackMTG IT Professionals
 
UpdateConf 2018: Top 18 Azure security fails and how to avoid them
UpdateConf 2018: Top 18 Azure security fails and how to avoid themUpdateConf 2018: Top 18 Azure security fails and how to avoid them
UpdateConf 2018: Top 18 Azure security fails and how to avoid themKarl Ots
 
Security Training: Making your weakest link the strongest - CircleCityCon 2017
Security Training: Making your weakest link the strongest - CircleCityCon 2017Security Training: Making your weakest link the strongest - CircleCityCon 2017
Security Training: Making your weakest link the strongest - CircleCityCon 2017Aaron Hnatiw
 
Cloudtenna Hour With An Expert Webinar
Cloudtenna Hour With An Expert WebinarCloudtenna Hour With An Expert Webinar
Cloudtenna Hour With An Expert WebinarMitch Crane
 
Mobile App Security - Best Practices
Mobile App Security - Best PracticesMobile App Security - Best Practices
Mobile App Security - Best PracticesRedBlackTree
 
Webinar - Compliance with the Microsoft Cloud- 2017-04-19
Webinar - Compliance with the Microsoft Cloud- 2017-04-19Webinar - Compliance with the Microsoft Cloud- 2017-04-19
Webinar - Compliance with the Microsoft Cloud- 2017-04-19TechSoup
 
Defending Your IBM i Against Malware
Defending Your IBM i Against MalwareDefending Your IBM i Against Malware
Defending Your IBM i Against MalwarePrecisely
 
For Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecFor Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecLalit Kale
 
Defending Today's Threats with Tomorrow's Security by Microsoft by Aidan Finn
Defending Today's Threats with Tomorrow's Security by Microsoft by Aidan FinnDefending Today's Threats with Tomorrow's Security by Microsoft by Aidan Finn
Defending Today's Threats with Tomorrow's Security by Microsoft by Aidan FinnJohn Moran
 
Survey Presentation About Application Security
Survey Presentation About Application SecuritySurvey Presentation About Application Security
Survey Presentation About Application SecurityNicholas Davis
 
apidays LIVE London 2021 - Securing PII at runtime by Rob Dickinson, Resurfac...
apidays LIVE London 2021 - Securing PII at runtime by Rob Dickinson, Resurfac...apidays LIVE London 2021 - Securing PII at runtime by Rob Dickinson, Resurfac...
apidays LIVE London 2021 - Securing PII at runtime by Rob Dickinson, Resurfac...apidays
 

Ähnlich wie Hotels, Hookups and Video Conferencing: A Top 10 Countdown to 2020's Worst Data Breaches (20)

Indianapolis Splunk User Group Dec 22
Indianapolis Splunk User Group Dec 22Indianapolis Splunk User Group Dec 22
Indianapolis Splunk User Group Dec 22
 
Webdays blida mobile top 10 risks
Webdays blida mobile top 10 risksWebdays blida mobile top 10 risks
Webdays blida mobile top 10 risks
 
OWASP Mobile TOP 10 2014
OWASP Mobile TOP 10 2014OWASP Mobile TOP 10 2014
OWASP Mobile TOP 10 2014
 
New Horizons SCYBER Presentation
New Horizons SCYBER PresentationNew Horizons SCYBER Presentation
New Horizons SCYBER Presentation
 
Top Azure security fails and how to avoid them
Top Azure security fails and how to avoid themTop Azure security fails and how to avoid them
Top Azure security fails and how to avoid them
 
Identity and Security in the Cloud
Identity and Security in the CloudIdentity and Security in the Cloud
Identity and Security in the Cloud
 
Just Trust Everyone and We Will Be Fine, Right?
Just Trust Everyone and We Will Be Fine, Right?Just Trust Everyone and We Will Be Fine, Right?
Just Trust Everyone and We Will Be Fine, Right?
 
6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back
 
UpdateConf 2018: Top 18 Azure security fails and how to avoid them
UpdateConf 2018: Top 18 Azure security fails and how to avoid themUpdateConf 2018: Top 18 Azure security fails and how to avoid them
UpdateConf 2018: Top 18 Azure security fails and how to avoid them
 
Security Training: Making your weakest link the strongest - CircleCityCon 2017
Security Training: Making your weakest link the strongest - CircleCityCon 2017Security Training: Making your weakest link the strongest - CircleCityCon 2017
Security Training: Making your weakest link the strongest - CircleCityCon 2017
 
Cloudtenna Hour With An Expert Webinar
Cloudtenna Hour With An Expert WebinarCloudtenna Hour With An Expert Webinar
Cloudtenna Hour With An Expert Webinar
 
Mobile App Security - Best Practices
Mobile App Security - Best PracticesMobile App Security - Best Practices
Mobile App Security - Best Practices
 
Webinar - Compliance with the Microsoft Cloud- 2017-04-19
Webinar - Compliance with the Microsoft Cloud- 2017-04-19Webinar - Compliance with the Microsoft Cloud- 2017-04-19
Webinar - Compliance with the Microsoft Cloud- 2017-04-19
 
Web security uploadv1
Web security uploadv1Web security uploadv1
Web security uploadv1
 
Defending Your IBM i Against Malware
Defending Your IBM i Against MalwareDefending Your IBM i Against Malware
Defending Your IBM i Against Malware
 
Cybersecurity update 12
Cybersecurity update 12Cybersecurity update 12
Cybersecurity update 12
 
For Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecFor Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSec
 
Defending Today's Threats with Tomorrow's Security by Microsoft by Aidan Finn
Defending Today's Threats with Tomorrow's Security by Microsoft by Aidan FinnDefending Today's Threats with Tomorrow's Security by Microsoft by Aidan Finn
Defending Today's Threats with Tomorrow's Security by Microsoft by Aidan Finn
 
Survey Presentation About Application Security
Survey Presentation About Application SecuritySurvey Presentation About Application Security
Survey Presentation About Application Security
 
apidays LIVE London 2021 - Securing PII at runtime by Rob Dickinson, Resurfac...
apidays LIVE London 2021 - Securing PII at runtime by Rob Dickinson, Resurfac...apidays LIVE London 2021 - Securing PII at runtime by Rob Dickinson, Resurfac...
apidays LIVE London 2021 - Securing PII at runtime by Rob Dickinson, Resurfac...
 

Mehr von DevOps.com

Modernizing on IBM Z Made Easier With Open Source Software
Modernizing on IBM Z Made Easier With Open Source SoftwareModernizing on IBM Z Made Easier With Open Source Software
Modernizing on IBM Z Made Easier With Open Source SoftwareDevOps.com
 
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...DevOps.com
 
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...DevOps.com
 
Next Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and SnykNext Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and SnykDevOps.com
 
Vulnerability Discovery in the Cloud
Vulnerability Discovery in the CloudVulnerability Discovery in the Cloud
Vulnerability Discovery in the CloudDevOps.com
 
A New Year’s Ransomware Resolution
A New Year’s Ransomware ResolutionA New Year’s Ransomware Resolution
A New Year’s Ransomware ResolutionDevOps.com
 
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)DevOps.com
 
Don't Panic! Effective Incident Response
Don't Panic! Effective Incident ResponseDon't Panic! Effective Incident Response
Don't Panic! Effective Incident ResponseDevOps.com
 
Creating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's Culture
Creating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's CultureCreating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's Culture
Creating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's CultureDevOps.com
 
Role Based Access Controls (RBAC) for SSH and Kubernetes Access with Teleport
Role Based Access Controls (RBAC) for SSH and Kubernetes Access with TeleportRole Based Access Controls (RBAC) for SSH and Kubernetes Access with Teleport
Role Based Access Controls (RBAC) for SSH and Kubernetes Access with TeleportDevOps.com
 
Monitoring Serverless Applications with Datadog
Monitoring Serverless Applications with DatadogMonitoring Serverless Applications with Datadog
Monitoring Serverless Applications with DatadogDevOps.com
 
Deliver your App Anywhere … Publicly or Privately
Deliver your App Anywhere … Publicly or PrivatelyDeliver your App Anywhere … Publicly or Privately
Deliver your App Anywhere … Publicly or PrivatelyDevOps.com
 
How to Build a Healthy On-Call Culture
How to Build a Healthy On-Call CultureHow to Build a Healthy On-Call Culture
How to Build a Healthy On-Call CultureDevOps.com
 
The Evolving Role of the Developer in 2021
The Evolving Role of the Developer in 2021The Evolving Role of the Developer in 2021
The Evolving Role of the Developer in 2021DevOps.com
 
Service Mesh: Two Big Words But Do You Need It?
Service Mesh: Two Big Words But Do You Need It?Service Mesh: Two Big Words But Do You Need It?
Service Mesh: Two Big Words But Do You Need It?DevOps.com
 
Secure Data Sharing in OpenShift Environments
Secure Data Sharing in OpenShift EnvironmentsSecure Data Sharing in OpenShift Environments
Secure Data Sharing in OpenShift EnvironmentsDevOps.com
 
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...DevOps.com
 
How IBM's Massive POWER9 UNIX Servers Benefit from InfluxDB and Grafana Techn...
How IBM's Massive POWER9 UNIX Servers Benefit from InfluxDB and Grafana Techn...How IBM's Massive POWER9 UNIX Servers Benefit from InfluxDB and Grafana Techn...
How IBM's Massive POWER9 UNIX Servers Benefit from InfluxDB and Grafana Techn...DevOps.com
 
The Importance of Visibility and Security of Critical Applications in Cloud E...
The Importance of Visibility and Security of Critical Applications in Cloud E...The Importance of Visibility and Security of Critical Applications in Cloud E...
The Importance of Visibility and Security of Critical Applications in Cloud E...DevOps.com
 
Monitoring Your AWS EKS Environment with Datadog
Monitoring Your AWS EKS Environment with DatadogMonitoring Your AWS EKS Environment with Datadog
Monitoring Your AWS EKS Environment with DatadogDevOps.com
 

Mehr von DevOps.com (20)

Modernizing on IBM Z Made Easier With Open Source Software
Modernizing on IBM Z Made Easier With Open Source SoftwareModernizing on IBM Z Made Easier With Open Source Software
Modernizing on IBM Z Made Easier With Open Source Software
 
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
 
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
 
Next Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and SnykNext Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and Snyk
 
Vulnerability Discovery in the Cloud
Vulnerability Discovery in the CloudVulnerability Discovery in the Cloud
Vulnerability Discovery in the Cloud
 
A New Year’s Ransomware Resolution
A New Year’s Ransomware ResolutionA New Year’s Ransomware Resolution
A New Year’s Ransomware Resolution
 
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
 
Don't Panic! Effective Incident Response
Don't Panic! Effective Incident ResponseDon't Panic! Effective Incident Response
Don't Panic! Effective Incident Response
 
Creating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's Culture
Creating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's CultureCreating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's Culture
Creating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's Culture
 
Role Based Access Controls (RBAC) for SSH and Kubernetes Access with Teleport
Role Based Access Controls (RBAC) for SSH and Kubernetes Access with TeleportRole Based Access Controls (RBAC) for SSH and Kubernetes Access with Teleport
Role Based Access Controls (RBAC) for SSH and Kubernetes Access with Teleport
 
Monitoring Serverless Applications with Datadog
Monitoring Serverless Applications with DatadogMonitoring Serverless Applications with Datadog
Monitoring Serverless Applications with Datadog
 
Deliver your App Anywhere … Publicly or Privately
Deliver your App Anywhere … Publicly or PrivatelyDeliver your App Anywhere … Publicly or Privately
Deliver your App Anywhere … Publicly or Privately
 
How to Build a Healthy On-Call Culture
How to Build a Healthy On-Call CultureHow to Build a Healthy On-Call Culture
How to Build a Healthy On-Call Culture
 
The Evolving Role of the Developer in 2021
The Evolving Role of the Developer in 2021The Evolving Role of the Developer in 2021
The Evolving Role of the Developer in 2021
 
Service Mesh: Two Big Words But Do You Need It?
Service Mesh: Two Big Words But Do You Need It?Service Mesh: Two Big Words But Do You Need It?
Service Mesh: Two Big Words But Do You Need It?
 
Secure Data Sharing in OpenShift Environments
Secure Data Sharing in OpenShift EnvironmentsSecure Data Sharing in OpenShift Environments
Secure Data Sharing in OpenShift Environments
 
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
 
How IBM's Massive POWER9 UNIX Servers Benefit from InfluxDB and Grafana Techn...
How IBM's Massive POWER9 UNIX Servers Benefit from InfluxDB and Grafana Techn...How IBM's Massive POWER9 UNIX Servers Benefit from InfluxDB and Grafana Techn...
How IBM's Massive POWER9 UNIX Servers Benefit from InfluxDB and Grafana Techn...
 
The Importance of Visibility and Security of Critical Applications in Cloud E...
The Importance of Visibility and Security of Critical Applications in Cloud E...The Importance of Visibility and Security of Critical Applications in Cloud E...
The Importance of Visibility and Security of Critical Applications in Cloud E...
 
Monitoring Your AWS EKS Environment with Datadog
Monitoring Your AWS EKS Environment with DatadogMonitoring Your AWS EKS Environment with Datadog
Monitoring Your AWS EKS Environment with Datadog
 

Kürzlich hochgeladen

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 

Kürzlich hochgeladen (20)

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 

Hotels, Hookups and Video Conferencing: A Top 10 Countdown to 2020's Worst Data Breaches

  • 1. Confidential Hotels, Hookups and Video Conferencing A Top 10 Countdown to 2020's Worst Data Breaches “We Dig Your Cloud”
  • 2. Meet the Speakers Eric Kedrosky Director of Cloud Security Research & CISO Sonrai Security Mitch Ashley CEO & Managing Analyst Accelerated Strategies Group
  • 6. Lessons From Misconfigurations • Need comprehensive controls, applied to each domain • One technique doesn’t mean safety  • Block permissions with policies and constant monitoring for mistakes
  • 9. Lessons From Third Party Breaches • Need comprehensive controls across all providers • Checks and audits are required • Vendors are targets too • Continuously maintain least privilege
  • 10. Weak Authentication for Data Storage
  • 12. Lessons for Weak Authentication • Be careful trusting old school network protection • Protect EVERYTHING with authentication • Use proper network zoning for multi-tier application stacks
  • 13. No Authentication for Data Storage
  • 15. Lessons for No Passwords • Use passwords
  • 18. Lessons for Human Error • Continuously monitor access • Get to and maintain least privilege • Prevent overprivege
  • 19. Key and Secret Management
  • 21. Lessons Key and Secret Management • Multi-factor authentication is powerful • Use keys wisely • Looks for keys and secrets in code repos and open storage • Look for sloppy key exposure
  • 24. Lessons from Overprivilege • Define adequate privilege for each account and workload • Compare permissions to usage and triage to get to least privileged • Establish protections for highly privileged accounts • Watch out for bad habits in creating overprivileged accounts
  • 27. Lessons and Tactics for Insider Attacks • Highly privileged and “break glass” accounts must be supported, but such accounts must be used carefully • Separation of duties for dangerous activities is vital • Some security architectures make separation of duties tricky; root accounts are required for some functions
  • 30. Lessons and Tactics for Admin Credentials • Creating accounts and roles separate duties • Remove dormant admin accounts • Get to least privilege • Administrative credentials are only used for administrative tasks • Administrator privileges are appropriately logged and continuously monitored
  • 33. Lessons and Tactics for Security Teams • Continuous auditing and reporting • Integrate teams to shift left effectively • Prevent and remediate issues • Remove blind spots and gaps from Individual tools
  • 34. Sonrai can help Identity and Data Protection for AWS, Azure, GCP, and Kubernetes Identity & data access complexity is a ticking time bomb in your cloud. Tens of thousands of pieces of compute, thousands of roles, and a dizzying array of interdependencies and inheritances. First-generation security tools miss this as evidenced by so many breaches. Sonrai Dig, our enterprise identity and data governance platform, de-risks your cloud by finding these holes, helping you fix them, and preventing those problems from occurring in the first place.