Incident Response & Threat Intelligence

R4-2A. Attracting Cloudy Bees with Honey Clouds

Thursday, June 13, 2024 2:30 PM - 3:30 PM

Room 2A

Description

In the rapidly changing cybersecurity landscape, fully automated and dynamically scaled offensive cloud-targeted attacks are evading some of our strongest defensive strategies. This presentation introduces the " HoneyCloud " project - a novel approach for collecting and analyzing cloud-centric cyber threats. This talk aims to provide a comprehensive understanding and analysis of real-world targeted cloud incidents that were captured in our HoneyCloud environment. We will use these real-world cases to discuss how fully automated and dynamically scaled offensive operations are detected by dynamic and scalable defensive operations. A HoneyCloud can allow researchers to collect malicious operations from live cloud environments forensically, let's learn how to make and use them!

Learner Objectives

After this session, learner will come away with: - A detailed understanding of what cloud threat actors are targeting - Knowledge of cloud-centric defensive tools and their operation - A top 5 list of security solutions to protect cloud environments