BEGIN:VCALENDAR
PRODID:-//vBulletin 6//EN
VERSION:2.0
CALSCALE:GREGORIAN
BEGIN:VEVENT
UID:88025d66-146f-433a-a950-5357839946ce
DTSTAMP:20260525T162941Z
SUMMARY:Rodrigo Montoro - Protecting the AWS ecosystem - Misconfigurations\
 , IAM\, and Monitoring
DESCRIPTION:Title: Rodrigo Montoro - Protecting the AWS ecosystem - Misconf
 igurations\, IAM\, and Monitoring\n\nScheduled Date and Time (Pacific Stan
 dard): Thursday\, August 10\, 2023\, at 0900 PDT\n\nEventBrite Link: https
 ://www.eventbrite.com/e/rodrigo-montoro-protecting-the-aws-ecosystem-ticke
 ts-668351787187\n\nMax Class Size: 60\n\n\n\n\nAbstract:\n\nCloud provider
 s' ecosystems have brought a lot of new challenges to companies and Securi
 ty teams. Many new attack vectors create known and unknown attack vectors\
 , generating a considerable need for further research and detection in thi
 s field.\n\nIn the current cloud security world\, access keys are the new 
 perimeter\, and permissions associated with those keys are the limits. In 
 many real-world scenarios\, leaked access keys are the initial vectors to 
 get into an organization's cloud environments. Therefore\, the least privi
 lege and detection in real-time becomes critical.\n\nSpecifically\, in AWS
 \, we are talking about more than three hundred (300+) services that an at
 tacker could create their specific attack path to achieve their goal. Cons
 idering this chaotic scenario\, we developed this workshop to teach how to
  mitigate those new vectors and improve the company's overall cloud securi
 ty posture. The workshop will cover misconfigurations\, AWS IAM (Identity 
 and Access Management) least privilege\, and control plane (Cloudtrail) mo
 nitoring.\n\nThis workshop will help organizations improve their cloud sec
 urity posture in these three fields - misconfigurations\, IAM permissions 
 management\, and control plane monitoring. There will be practical demonst
 rations\, hands-on labs\, and some Capture The Flag (CTF) to practice inci
 dent response.\n\n\n\n\nSkill Level: Intermediate\n\nPrerequisites for stu
 dents: AWS basic to intermediate knowledge\n\n\n\n\nMaterials or Equipment
  students will need to bring to participate: Just bring a laptop. Demonstr
 ations and Capture The Flag (CTF) exercises will be executed in my AWS acc
 ount and using CTFd.\n\n\n\n\nBio:\n\nRodrigo Montoro has over 23 years of
  experience in Information Technology and Computer Security. For most of h
 is career\, he has worked with open-source security software (firewalls\, 
 IDS\, IPS\, HIDS\, log management\, endpoint monitoring)\, incident detect
 ion & response\, and Cloud Security. Currently is Head of Threat & Detecti
 on Research at Clavis Security. Before that\, he worked as Cloud Researche
 r at Tenchi Security\, Head of Research and Development at Apura Cyber Int
 elligence\, SOC/Researcher at Tempest Security\, Senior Security Administr
 ator at Sucuri\, and Researcher at Spiderlabs. Author of 2 patented techno
 logies involving innovation in the detection field. One is related to disc
 overing malicious digital documents. The second one is in how to analyze m
 alicious HTTP traffic. Rodrigo has spoken at several open source and secur
 ity conferences (Defcon Cloud Village\, OWASP AppSec\, SANS (DFIR\, SIEM S
 ummit & CloudSecNext)\, Toorcon (USA)\, H2HC (São Paulo and Mexico)\, Sec
 Tor (Canada)\, CNASI\, SOURCE\, ZonCon (Amazon Internal Conference)\, Blac
 khat Brazil\, BSides (Las Vegas e SP)).\n\n\n\n​
URL:https://forum.defcon.org/node/246037
DTSTART:20230810T170000Z
DTEND:20230810T210001Z
LOCATION:Las Vegas\, NV\, DEF CON 31
END:VEVENT
END:VCALENDAR