Cloud security, Incident response, Threat intelligence

How Cloud Defenders Thwart Attacks Against Resilient Services – Jeff Deininger – ESW #224

In cybersecurity, attackers have a structural advantage over defenders: they can succeed with a staggeringly high failure rate, not caring that most attacks get blocked at the perimeter. Meanwhile, defenders lose when a single successful attack goes unnoticed, regardless of how many attacks were successfully stopped. Disproportionate consequences similarly advantage attackers: typical times to detect and contain that one successful attack are still measured in weeks and months. Yet the high-availability and resiliency characteristics built into "Well-Architected" microservices offer defenders an opportunity to turn the tables and rob attackers of their asymmetric advantages. The key missing ingredient is a sufficient early-warning system that can detect and respond to advanced threats.

In this presentation, Jeff Deininger, a Principal Cloud Security Engineer, will use a simulated attack to demonstrate how advanced threat detection works with commonplace architectural elements to deny attackers the crucial traction needed to establish a foothold at the beginning of a campaign, leaving attackers feeling like they are inescapably 'walking on ice'.

This segment is sponsored by ExtraHop Networks.

Visit https://securityweekly.com/extrahop to learn more about them!



Guest

Jeff Deininger
Principal Cloud Security Engineer at ExtraHop

Deininger has over 15 years of experience in security and IT operations with a focus on data center technologies, service delivery and DevOps. As an AWS Security Specialist, he is interested in the observability conditions that create effective early warning systems for detecting and containing cybersecurity events.

Hosts

Matt Alderman
Executive Director at CyberRisk Alliance

Adrian Sanabria
Director of Product Management at Tenchi Security

Tyler Shields
CMO at JupiterOne