Historically, defense in depth was mostly performed through network-layer controls. While network security controls remain an important component of cloud security, an additional layer of identity and access management (IAM) governance is now needed as organizations continue to scale their cloud presence. Similar to scanning applications for vulnerabilities, IAM policies across all cloud accounts must be constantly monitored and evaluated to determine the risk impact to the business.

We will present breaking research from the Unit 42 Threat Intelligence team and how one simple IAM misconfiguration allowed researchers to compromise an entire massively-scaled cloud environment and bypass just about every security control.

We will also deep dive into the complex topic of identity security, exploring the methods attackers use to silently perform reconnaissance, common threat actors and tangible steps organizations can take to build a cloud security program based upon IAM best practices.