Episode 28: Analyzing Cloud Attack Vectors - SaaS Marketplaces and Office 365 BEC

Episode 28 November 11, 2020 00:29:02
Episode 28: Analyzing Cloud Attack Vectors - SaaS Marketplaces and Office 365 BEC
SilverLining IL
Episode 28: Analyzing Cloud Attack Vectors - SaaS Marketplaces and Office 365 BEC

Nov 11 2020 | 00:29:02

/

Hosted By

Moshe Ferber Ariel Munafo

Show Notes

Attendees

Guest: Ofer Maor

Guest title: Co-Founder & CTO 

Company: Mitiga

Abstract

The recent increase of cloud based attacks gives us an opportunity to examine new attack vectors and how attackers exploit new services. In this episode we talked with Ofer Maor, Co-Founder at Mitiga, about new attack vectors in cloud computing and how attackers exploit new services such as marketplaces, community repos and other examples.

Timing:

0:00 Introducing our guest and Mitiga

3:32 Preparing for cloud incident response 

7:15 Cloud attack vector - malicious AMI

11:00 More attack vectors on marketplaces

13:18 Github attack vectors

18:15 attack vector - Business email compromise on 365

25:44 how to mitigate cloud incidents

27:58 Summary and last words

Other Episodes

Episode 15

January 28, 2020 00:38:46
Episode Cover

Episode 15: Challenges Of Selecting SaaS Providers

Attendees Guest: Tal Arad Guest title: Former CISO Company: CEVA logistics Abstract Consuming SaaS from various vendors can be a challenging task, the first...

Listen

Episode 3

June 24, 2019 00:51:19
Episode Cover

Episode 3: Cloud Configuration Pitfalls

Attendees Guest: Evgeny Zislis Guest title:  CTO Company:  ProdOPS Abstract Over 90% of IaaS/PaaS security incidents happens on consumer fault. Cloud platforms are complicated,...

Listen

Episode 9

October 29, 2019 00:35:01
Episode Cover

Episode 9: Challenges With Cloud Management Logs

Attendees Guest: Shira Shamban Guest title:  Cloud Security Company:  Check Point (Dome9) Cloud providers has invested heavily in adding visibility, monitoring and logging capabilities...

Listen