Why Zero Trust:
10 Big Little Sins of Infrastructure Security
Understanding and implementing cloud security is crucial for any business in this new decade. It is not everything, as there are lots of security mistakes that could be made by administrator and users as well. The reasons are very typical: lack of time, monitoring systems, or knowledge. We will discuss the so-called "Big Little Sins" of infrastructure to make all those networks significantly more secure!
During the presentation, we will be demoing various examples of kill-chains, most of them taken from practice. Kill-chains represent realistic but also surprising infrastructure takeovers, they usually start with user or even no privileges. Demonstrations will be followed up with a zero trust approach for administrative accounts, implemented according to best security practices. Participants will receive a ready-to-launch approach and knowledge to start implementing zero trust
Zero trust is an important concept to know and implement. All from the perspective of very engaged cybersecurity experts, engaged with research and supported by the team.
How hackers start their attacks,
What are the lateral movement techniques used nowadays,
How VPN connection could be dangerous and what to do to secure it,
How to find ‘low hanging fruits’ in misconfigurations and how they can be overused by hackers,
What are the kill-chains seen in practice,
What are the good practices for securing the environment.
Principal Solutions Architect,
CEO, Cybersecurity Expert
Venky Raju has a strong background in computer networking, software development, and cybersecurity. He has led R&D teams across the globe developing leading-edge networking solutions, smartphone platforms, and connected applications.
Paula Januszkiewicz is a security expert and the founder and CEO of CQURE, an IT and cybersecurity consulting company that conducts IT security audits and penetration testing.
Paula is a Cloud and Datacenter Management Microsoft MVP and an honorable Microsoft Regional Director for CEE. She is a popular speaker at global conferences, including the Gartner Security Summit. At RSA 2017 both of her sessions were named among the five hottest talks, and her Black Hat presentation was voted Best of Black Hat Asia Briefings 2019.