SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

As infrastructure workloads have changed, cloud workflows have been adopted, and elastic...
In this SANS Workshop, you will learn how to use Infrastructure as Code and open-source tools to automatically create an Azure Active Directory security lab that can be used for your own security simulations and use cases. After automatically creating Azure AD users, applications, and RBAC role assignments, participants will work through hands-on exercises to perform reconnaissance and follow a specific attack pathway that abuses misconfigured roles and permissions.
They promised it would be a breeze! Serverless functions, containers, and infrastructure as code were supposed to simplify vulnerability management. But hold onto your seats, because we'll dive into why these technologies demand a whole new set of skills, tools, and a mindset shift for anyone in the game. Are you ready to shake up your vulnerability management game? Join us as we discover the must-have skills and attitude adjustments for staying on top.
The increasing reliance on cloud computing has driven the need for efficient and secure IT environments, necessitating the development of robust engineering skills across various domains. This keynote speech will explore the world of cloud investigations, focusing on the critical intersection of data engineering, infrastructure as code (IaC), and Continuous Integration/Continuous Deployment (CI/CD) pipelines. Attendees will learn about the latest trends, best practices, and real-world applications demonstrating how these engineering disciplines can significantly enhance cloud security, performance, and scalability. By the end of the session, participants will have gained valuable insights and practical strategies to help their organizations adapt and excel in the rapidly evolving cloud-centric landscape.

Learning Objectives:

Understand the fundamentals of cloud investigations and their importance in ensuring secure and efficient IT environments in the cloud.

Gain insights into data engineering techniques, including data collection, storage, processing, and analysis, and learn how they contribute to effective cloud investigations.

Explore the principles of infrastructure as code (IaC), its benefits in managing and provisioning cloud resources, and how it supports cloud investigations by improving security, compliance, and infrastructure management.

Examine the role of CI/CD pipelines in promoting rapid and reliable software delivery, and learn how they facilitate cloud investigations by fostering transparency, traceability, and automated testing.

Discover emerging trends and best practices for integrating data engineering, infrastructure as code, and CI/CD pipelines in cloud investigations to optimize security and performance.

Learn from real-world examples and case studies that demonstrate the successful application of these engineering disciplines in cloud environments.
Infrastructure as Code (IaC) gives teams speed, repeatability, and auditability, but only when it’s done securely.
Organizations are migrating and building mission-critical workloads in the cloud to accelerate the pace of innovation, improve resilience and scalability, and reduce data center costs. DevOps and SRE teams are leading the way in this new environment, using their Infrastructure-as-Code and CI/CD knowledge to leverage the benefits of cloud. To keep up with this dynamic cloud environment, where resources can be deployed across the globe in minutes, cybersecurity teams must use the same automation tools and processes to maintain comprehensive visibility and protection. Adding to the challenge, a new wave of sophisticated, cloud-savvy adversaries is targeting cloud vulnerabilities and misconfigurations to meet their objectives.
Infrastructure Attack as Code Using Terraform To Attack Cloud - Bleon Proko
SANS CloudSecNext Summit 2023
The adoption of the Ransomware as a Service (RaaS) model has rapidly evolved the ransomware threat landscape. As a result, binary analysis of next-generation ransomware samples finds only marginal code similarity with early generations of the same family, and new generations are often misclassified into the wrong ransomware family. Infrastructure, tools, techniques, and procedures (TTPs), or ransom notes often determine the initial ransomware classification. Code similarities could assist investigators in identifying RaaS groups working on multiple ransomware families. Identifying common coding tactics in highly developed code allows security researchers to expedite attribution and develop mitigation strategies. Law enforcement can use code similarity analysis to show affiliation between ransomware groups. This paper aims to determine whether code similarities exist between next-generation ransomware and early-generation binaries. The research focuses on ransomware families containing four generations and analyzes randomly selected binaries using an automated genetic analysis tool. Intezer's genetic analysis compares binary samples against Intezer's malware code repository, allowing incident responders to analyze ransomware binaries and identify malware more accurately and quickly.
Dakota Riley is a Staff Security Engineer at LiveRamp. He has experience assisting customers with cloud native security efforts, including IAM, Infrastructure-as-Code, automation/tooling, and detection engineering.