(In Japanese) SANS 2022 Cloud Security Exchange

トップクラスのクラウドサービスプロバイダーと提携し、クラウドをより安全に利用するためのサポートをします。

SANS 2022 Cloud Security Exchange」のイベントでは、初めてGoogle Cloud Platform(GCP)とMicrosoft Azureのセキュリティ技術リーダーが会場に集まり、クラウドセキュリティ機能の構築に対する考え方や、クラウドセキュリティの主要分野におけるベストプラクティスを紹介します。そしてベンダーから独立しているSANS Instituteの技術専門家陣が、これらのクラウドセキュリティプロバイダのリーダーとペアになって、マルチクラウド化が進む環境で企業が直面する問題の解決策を共有します。

SANS、Google Cloud、Microsoftのクラウドセキュリティの専門家が共同執筆した関連する電子書籍をダウンロードするには、ここをクリックしてください。この電子書籍は、フランス語、ドイツ語、日本語、ポルトガル語、スペイン語にも翻訳されています。

このイベントの録画もご視聴いただけます。日本語、ポルトガル語、スペイン語、フランス語、ドイツ語、ポルトガル語への吹き替えをご用意いたします

Proudly Sponsored By:

logo_cloud_wordmark_color_0120_NEW.pngMicrosoft.png

Attendee Information

With 3 engaging presentations and our interactive panel discussion, this event features the Cloud Security industry's best and brightest subject matter experts. Gain insight on today's best practices for protecting your cloud environment against potential attacks and explore the latest available capabilities.

Continuing Professional Education (CPE) Credits are earned by participation in the event!

  • 6 CPEs are earned for attending the Cloud Security Exchange

Agenda | August 25th | 11:00 AM - 3:15 PM

All Times Shown in Eastern Daylight Time (EDT)

Schedule

Description

11:00 - 11:15 AM EDT

Kickoff 

Frank Kim, Fellow, SANS Institute

11:15 - 11:30 AM EDT

Opening Comments

Diana Kelley, Co-Founder, SecurityCurve
Ed Moyle, Co-Founder SecurityCurve

11:30 - 12:15 PM EDT

Building a Foundational Cloud Security Strategy in Google Cloud

As more organizations embrace cloud migration, security operations and architecture teams are facing new challenges. We largely moved past the days of “lift and shift,” where many traditional on-premises security controls and processes are copied without much analysis to the cloud. Now we’re evolving into a much more cloud-native phase where highly agile teams are building complex and more interconnected applications than ever, using native technologies built by cloud providers. Nowhere is this more true than in Google Cloud, embracing the theme “always be innovating”.

This session will help enterprise security teams build a sound operational security strategy in Google Cloud, starting with threat modeling to help determine where and how to focus best. Then we’ll explore best practices for implementing strong security capabilities in all three pillars within Google Cloud, leaving attendees with a guide for building and operating their own security architecture within the Google Cloud Platform that grows with them as their cloud footprint expands.

Dr. Anton Chuvakin, Head of Solution Strategy, Google Cloud
Dave Shackleford, Senior Instructor, SANS Institute

12:15 - 1:00 PM EDT

Blue Skies and Clouds

Is identity the new perimeter? When we use a Virtual Private Network (VPN), what is it that we use to gain access? Identity. In essence, Identity is the center point of our systems and when it comes to the cloud, that concept is supercharged. Microsoft has a rich history in Identity and Authentication. It is without question that when your organization needs to use a Microsoft Service, identity will be involved. How can attackers subvert your security controls and gain access to your environment? How can you detect unauthorized access efficiently and effectively? What can you do to regain and retain control of your environment following an incident?

This session will look at attackers and how they will attempt to subvert these systems, and what can occur in both Azure Active Directory and the Azure Platform itself. Using real life examples, we will provide best practice recommendations and insights into how these incidents occurred. Learning from use these cases with an eye to best practices will help prepare you with best practices for potential attacks.

Dr. Roberto Bamberger, Senior Principal Consultant - Detection and Response Team (DaRT), Microsoft
Moses Frost, Senior Instructor, SANS Institute

1:00 - 1:15 PM EDT

Break

1:15 - 2:00 PM EDT

Top 3 Cloud Security Weaknesses, Misunderstandings, and Mitigations

Many of the threats the industry faces in the cloud can be combated with secure cloud configuration and tooling. Unfortunately, because the service landscape contains hundreds of cloud services, security practitioners are overwhelmed and underinformed. Their job gets even harder in a multi cloud environment, where seemingly small differences between the clouds have immense security implications. This session will cover the top cloud security weaknesses the panelists have observed in 2022, the attacks that exploit them, the misunderstandings that make defense more difficult, and the correct mitigations to use in the Big 3 Cloud providers.

Aaron Cure, Certified Instructor, SANS Institute
Brandon Evans, Certified Instructor, SANS Institute
Pierre Lidome, Certified Instructor Candidate, SANS Institute
AJ Yawn, Associate Instructor, SANS Institute

2:00 - 3:00 PM EDT

Cloud Security Exchange
Panel Discussion

Moderators
Diana Kelley, Co-Founder, SecurityCurve
Ed Moyle, Co-Founder SecurityCurve

Panelists
Dr. Roberto Bamberger, Senior Principal Consultant - Detection and Response Team (DaRT), Microsoft
Dr. Anton Chuvakin, Head of Solution Strategy, Google Cloud
Brandon Evans, Certified Instructor, SANS Institute
AJ Yawn, Associate Instructor, SANS Institute

3:00 - 3:15 PM EDT

Closing Remarks

Frank Kim, Fellow, SANS Institute