Virtual Event
November 17, 2020
Learn More and Register to Attend This Event

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2020 - Virtual and add this Co-Located event to your registration to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Eastern Standard Time (UTC–05:00). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Tuesday, November 17 • 11:05am - 11:50am
Building Effective Attack Detection in the Cloud - Alfie Champion & Nick Jones, F-Security Consulting

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
The cloud has significantly altered the nature of attack detection, and many of the common data sources and attacker TTPs that security teams have been looking for on premise have changed or are no longer relevant. A lack of public threat intelligence has hindered development of industry knowledge bases, such as the MITRE ATT&CK framework, and the nature of many cloud-native attacker TTPs make it challenging to separate the malicious from the benign.  Based on first-hand experience attacking and defending large enterprises, this talk will share what Alfie and Nick have learned about detecting attacks against cloud-native environments. They will cover how the cloud has changed the detection landscape, the key data sources to leverage, and how to plan and prioritise your cloud detection use cases. They'll also discuss how to validate your detection, including a demonstration of Leonidas, an open source framework for automatically validating detection capability in the cloud.

avatar for Nick Jones

Nick Jones

Senior Consultant, Global Cloud Lead, F-Secure Consulting
Nick Jones is the cloud security lead and a senior security consultant at F-Secure Consulting (formerly MWR InfoSecurity), where he has focused on AWS security in mature, cloud-native organisations and large enterprises for a number of years. When he's not delivering offensively-focused... Read More →
avatar for Alfie Champion

Alfie Champion

F-Secure Consulting
I lead F-Secure's consulting services for all things attack detection, from traditional objective-based adversary simulations through to 'purple teaming' exercises in cloud. Outside of helping bolster client's detective capabilities, I love building new tools for simulating offensive... Read More →

Tuesday November 17, 2020 11:05am - 11:50am EST