Slides - https://www.slideshare.net/slideshow/revealing-choke-points-practical-tactics-for-boosting-cloud-security/274723279
Abstract:
During this presentation, we will address the critical importance of permission management in Cloud Native integrations and how an inadequate permissions model can create significant advantages for attackers. We will demonstrate how an attacker can exploit standard permissions to achieve privilege escalation, explain what Choke Points are, and illustrate Attack Paths in practice, showing how an attacker can progress towards success in their objectives. As the ultimate goal of this talk, we will present practical actions to enhance the security of your environment in this context and mitigate these threats.
Bio:
I’ve been working as Security and Threat Researcher and Cybersecurity Advocate at senhasegura, Founder at Black&White Technology, Cybersecurity Advocate, Snyk Ambassador, Application Security Specialist and Hacking is NOT a crime Advocate. International Speaker at Security and New technologies events in many countries such as US, Canada, France, Spain, Germany, Poland, and others, I’ve served as University Professor in Graduation and MBA courses at Brazilian colleges, in addition, I'm Creator and Instructor of the Course - Malware Attack Types with Kill Chain Methodology (PentestMagazine), PowerShell and Windows for Red Teamers(PentestMagazine) and Malware Analysis - Fundamentals (HackerSec).