Internal security teams fear The Big One (TBO): an actor gaining access to the production AWS account with the crown jewels. Many, some more than others, theorize, plan, and simulate what a major incident might look like, but the fortunate will also never experience a large-scale, "P1" incident. We at Unit 42 have seen and handled the day-to-day incidents all the way through full-scale TBOs in the cloud.
In this webinar, Unit 42 will discuss the common types of breaches they encounter in cloud platforms, from credential exposure to infrastructure misconfiguration. They will also walk through, step-by-step, what analysis might look like in a case study of a major incident and where detection and best practices along the attack chain may have saved the victim.