Wednesday 

Room 4 

13:40 - 14:40 

(UTC+01

Talk (60 min)

Optimizing Cloud Detection & Response With Security Chaos Engineering

Cloud Detection and Response (CDR) is an evolving approach to proactively defending cloud infrastructure against cyber-attacks.

Security
Cloud
Testing

Efficient CDR strategies are challenging to implement for several reasons, including cloud complexities, insufficient expertise, and cloud misconfiguration. These challenges often lead to blind spots: some cloud attacks go undetected, leading to successful compromises. Furthermore, the ephemerality of cloud resources requires continuous assessment, validation, and configuration of CDR to align with the evolving threat landscape.

Security Chaos Engineering (SCE) addresses these challenges by empirically evaluating security controls to gain evidence about their effectiveness via quick feedback loops. This talk provides practical steps based on a hybrid CDR system consisting of AWS GuardDuty, AWS Detective, and Datadog Cloud SIEM. The talk demonstrates how CDR systems can miss malicious attack patterns, including those defined in the MITRE ATT&CK library.

Kennedy Torkura

Kennedy is a cybersecurity researcher, cloud security engineer, and the CTO/Co-Founder at Mitigant. He has spent over 11 years in cybersecurity and is passionate about exploring the intersection of security chaos engineering, incident response, risk analysis, and threat detection in cloud security. He has published more than 20 academic papers about several cloud security domains and was a contributing author in the first O'Reilly book on Security Chaos Engineering. He is also a third-time member of the AWS Community Builder Program and has spoken at various international conferences, including KubeCon (Cloud Native Security Day), Conf42 Chaos Engineering, ChaosCarnival, and BSides Berlin.