Cloud
Defenders often rely on logs from cloud providers to detect incidents like data exfiltration, privilege escalation, and credential generation. In this talk, I will explore tactics used by attackers as described through the MITRE ATT&CK framework for Cloud. Specifically, I will discuss how attackers can exploit various core tactics to achieve their goals while avoiding suspicious log entries. Where feasible, I will present workarounds to address logging gaps, equipping defenders with alternative detection and investigation strategies. Additionally, I will highlight scenarios, such as covert data movement, that can occur undetected, leaving no trace in the environment’s logging systems.
Kat Traxler is the Principal Security Researcher at Vectra AI, focusing on abuse techniques and vulnerabilities in the public cloud. Additionally she has worked at various stages in the SDLC, performing web application penetration testing and security architecture.
Kat’s research philosophy directs her work to where design flaws and misconfigurations are most probable. This guiding principle leads her research to the intersection of technologies, particularly the convergence of cloud security and application security, and where the OS layer interfaces with higher-level abstractions. She can be found on the internet as @nightmareJS.
Join us in June (2026) with an exemplary selection of hacker and privacy presentations and villages from prominent tech experts. Get your tickets now!
