1. InfoconDB
  2. Black Hat
  3. Black Hat USA 2020 Virtual
  4. Heroku Abuse Operations: Hunting Wolves in Sheep's Clothing

Heroku Abuse Operations: Hunting Wolves in Sheep's Clothing

Presented at Black Hat USA 2020 Virtual, Aug. 6, 2020, 12:30 p.m. (40 minutes)

<p>Black Hat attendees 'get' security - but strategically speaking, where does abuse management fit?<br><br>Abuse Operations - at its core - is detection of and response to malicious activity when everything is working "as designed." Classical security is interested in prevention, governance, and compliance, while abuse operations looks at the wider picture of misuse, abuse, malice and crime. At any moment in time, multiple actors are bypassing detection and response systems masquerading as customers in order to take unfair advantage of your systems and services. Different from the full compromise scenarios we know and love, abuse is a slow simmering burn, where our customers can become a problem, and worse, your problem. <br><br>Attendees in this session will get an insider's view into active abuse on one of the largest pure-play, remote-code-execution-as-as service (RCE-aaS) platforms on the Internet: Heroku.<br><br>Allan and Spencer walk through the cat-and-mouse hunt for ever-evolving miscreant behavior hidden in the sea of legitimate users, build mechanisms to turn low value indicators into high value decisions, and show the value of "pushing left" to make the platform less hospitable for abuse.<br><br>For attendees dealing with abuse - this session will start conversations on how we engage abuse at scale - and the scaffolding you can apply on Monday when you get back to work.</p>

Presenters:

  • Allan Stojanovic - Lead Abuse Engineer, Salesforce | Heroku
    Allan Stojanovic has survived IT for over 25 years. He has worked in nearly every vertical doing may different roles, mostly in the Information Security field. A jack of all trades, he tries to know a little bit about everything, and is a self proclaimed expert at nothing.
  • Spencer Cureton - Abuse Operations Engineer, Salesforce | Heroku
    Spencer Cureton has a background in electrical engineering and started his career working in industrial control systems, providing services from support to live plant migrations. He managed to get into information security in 2016 and enjoys life as an Internet Mall Cop working on the Abuse Operations team at Heroku.

Links:

Similar Presentations: