Container security, Cloud Security, Intrusion detection, SOC, Blue Team

How Cloud Defenders Thwart Attacks Against Resilient Services – Jeff Deininger – ESW #224

April 21, 2021

Sponsored By

sponsor Visit https://securityweekly.com/extrahop for more information!

In cybersecurity attackers have a structural advantage over defenders: they can succeed with a staggeringly high failure-rate (not caring that most attacks get blocked at the perimeter). Meanwhile, defenders lose when that single successful attack goes unnoticed regardless of how many attacks were successfully stopped. Disproportionate consequences similarly advantage attackers: typical times to detect and contain that one successful attack are still measured in weeks and months. Yet high-availability and resiliency characteristics built-in to “Well-Architected” microservices offer defenders an opportunity to turn the tables and rob attackers of their asymmetric advantages. The key missing ingredient is a sufficient early-warning system that can detect and respond to advanced threats.

In this presentation, Jeff Deininger, a Principal Cloud Security Engineer, will use a simulated attack to demonstrate how advanced threat detection works with commonplace architectural elements to deny attackers the crucial traction needed to establish a foothold at the beginning of a campaign, leaving attackers feeling like they are inescapably ‘walking on ice’.

This segment is sponsored by ExtraHop Networks.

Visit https://securityweekly.com/extrahop to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

How Cloud Defenders Thwart Attacks Against Resilient Services

Guests

Jeff Deininger

Jeff Deininger - Principal Cloud Security Engineer at ExtraHop

@ExtraHop

Deininger has over 15 years of experience in security and IT operations with a focus on data center technologies, service delivery and DevOps. As an AWS Security Specialist, he is interested in the observability conditions that create effective early warning systems for detecting and containing cybersecurity events.

Hosts

Adrian Sanabria

Adrian Sanabria - Senior Research Engineer at CyberRisk Alliance

@sawaba

Adrian is an outspoken researcher that doesn't shy away from uncomfortable truths. He loves to write about the security industry, tell stories, and still sees the glass as half full.

Matt Alderman

Matt Alderman - Executive Director at CyberRisk Alliance

@maldermania

Strategic Advisor at Automox, security consultant, and wizard of entrepreneurship.

Tyler Shields

Tyler Shields - CMO at JupiterOne

@txs

Tyler advises, guides, and operates high tech startups primarily in the B2B security space. He is a former market analyst, engineer, product manager, marketing leader, and partnership manager. In other words, Tyler builds and grows businesses - in all aspects. He's a board advisor, angel investor, and board member at multiple firms and an investment advisor for a venture debt business. He loves to play guitar and poker in his free time.

Announcements

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, join our Discord Server, and follow us on our newest live-streaming platform, Twitch!

prestitial ad