Cloud
Defenders often rely on logs from cloud providers to detect incidents like data exfiltration, privilege escalation, and credential generation. In this talk, I will explore tactics used by attackers as described through the MITRE ATT&CK framework for Cloud. Specifically, I will discuss how attackers can exploit various core tactics to achieve their goals while avoiding suspicious log entries. Where feasible, I will present workarounds to address logging gaps, equipping defenders with alternative detection and investigation strategies. Additionally, I will highlight scenarios, such as covert data movement, that can occur undetected, leaving no trace in the environment’s logging systems.
Kat Traxler is the Principal Security Researcher at Vectra AI, focusing on abuse techniques and vulnerabilities in the public cloud. Additionally, she has worked at various stages in the SDLC, performing web application penetration testing and security architecture.
Kat’s research philosophy directs her work to where design flaws and misconfigurations are most probable. This guiding principle leads her research to the intersection of technologies, particularly the convergence of cloud security and application security, and where the OS layer interfaces with higher-level abstractions. She can be found on the internet as @nightmareJS.
We proudly present SecretCon, an entirely unparalleled conference for the state of Minnesota, built for our new digital reality. This conference is dedicated to the many specialties of our hacker, cybersecurity, and privacy community. We have taken it upon ourselves to construct a conference that not only embraces our past, but also looks to the future. Join us!