The RSA Conference 2018 Asia Pacific & Japan was held in Marina Bay Sands, Singapore from the 25 – 27 July. Several distinguished professionals from around the world attended the event, which included technical trainings, security conference and a capture the flag (CTF) competition.
Abhinav Singh and Ashwin Vamshi from the Netskope Threat Research Labs were privileged to deliver a talk on “Endpoint vs. Cloud: Forensicating Cyberthreats in Two Parallel Worlds!”.
With a major shift of services towards cloud, the dynamics of threats have changed and they have started adapting to this new playground. From a security and threat detection perspective, it becomes crucial to understand how the cloud platforms differ from the traditional client-server models. One of the main agenda of the talk was to compare the endpoint deployment with current cloud infrastructure while performing various security assessments like penetration testing, forensics, and malware analysis. The concept of shared responsibility model in cloud infrastructure opens up new challenges as well as opportunities to tackle some of the most rudimentary challenges of security. A deeper understanding of the model helps in early adoption of right security solutions and practices at an early stage of migration towards cloud.
Another important agenda of the talk was to understand some of the advance intrusion capabilities in the cloud like pivoting inside IaaS, privilege escalations and minimizing traces of activities inside a cloud infrastructure. We provided a list of the cloud attacks that have been detailed in our research blogs