Whether you like it or not, you’re on a Cloud Security team

Abstract: Stop asking the questions: who’s responsible for cloud security? Should we build a dedicated cloud security team? Chances are, if you work in Enterprise Security, you are already on a “Cloud Security Team”. In this talk, Kat will walk through the common capabilities within an Enterprise Security Organization from vulnerability management to forensics and the SOC, detailing how their ways of working and how their knowledge base must shift with the adoption of the cloud. Kat will review from top to bottom the cloud threat landscape and how these risks can to be addressed by the existing enterprise security teams with new tooling or sometimes just a shift in their mental models.

Kat Traxler

Kat Traxler

Kat Traxler is the Principal Security Researcher at Vectra AI focusing on threat detection in the public cloud. Prior to her current role, she worked in various stages in the SDLC performing web application penetration testing and security architecture design for Web, IAM, Payment Technologies and Cloud Native Technologies.

Kat’s research philosophy directs her work to where design flaws and misconfigurations are most probable. This guiding principle leads her research to the intersection of technologies, particularly the convergence of cloud security and application security and where the OS-layer interfaces with higher-level abstractions.

Kat has presented at various conferences including the SANS CloudSecNext Summit and fwd:CloudSec on topics such as privilege escalation in GCP, and bug-hunting in the cloud. In addition to her work at Vectra AI, she is a member of IAN Faculty and the Lead Author of the SANS SEC549 - Enterprise Cloud Security Architecture and currently holds multiple GIAC certifications.

She started her career with SANS as a facilitator in 2016 and currently holds GIAC-GSEC, GIAC-GCWN, GIAC-GDAT and GIAC-GCPS certifications. Kat Traxler is obsessed with the attack surface at the confluence of Identity and Cloud Platform APIs and thinks you should be too.

Heading

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

Whether you like it or not, you’re on a Cloud Security team

Abstract: Stop asking the questions: who’s responsible for cloud security? Should we build a dedicated cloud security team? Chances are, if you work in Enterprise Security, you are already on a “Cloud Security Team”. In this talk, Kat will walk through the common capabilities within an Enterprise Security Organization from vulnerability management to forensics and the SOC, detailing how their ways of working and how their knowledge base must shift with the adoption of the cloud. Kat will review from top to bottom the cloud threat landscape and how these risks can to be addressed by the existing enterprise security teams with new tooling or sometimes just a shift in their mental models.

You'll wish you went sooner!

We proudly present SecretCon, an entirely unparalleled conference for the state of Minnesota, built for our new digital reality. This conference is dedicated to the many specialties of our hacker, cybersecurity, and privacy community. We have taken it upon ourselves to construct a conference that not only embraces our past, but also looks to the future. Join us!