Clearing the Fog: Detection and Defense Against AWS Persistence Techniques
Cloud breaches are typically associated with smash and grab jobs such as cryptojacking or dumping S3 buckets. However, there is a shift in threat landscape in how adversaries are leveraging cloud platforms to achieve more targeted goals. As these techniques become more sophisticated, there becomes a need for adversaries to slow down and establish persistence in these environments.
This talk will cover persistence mechanisms specific to the AWS ecosystem. The audience will learn about well established persistence techniques but also about creative new mechanisms that rely on newer cloud services. Most importantly it will cover defensive techniques and focus on the bottlenecks defenders can monitor to detect this activity.
This webcast supports content from SANS Institute SEC541: Cloud Security Threat Detection. To learn more about this course, explore upcoming sessions, and access your FREE demo, click here.
