Jumping from cloud to on-premises and the other way around

Presented at BSidesLV 2023, Aug. 8, 2023, 10:30 a.m. (Unknown duration)

The use of the cloud is becoming more and more predominant in large companies. However, transitions from legacy infrastructure are sometimes done through "brutal" strategies (migration of 80% of the IS in 2 years). In fact, not all teams are properly trained to the new paradigm of security in the public cloud, leading therefore to blind spots in IS security.This workshop aims to reintroduce the main principles of the public cloud (shared responsibility model, managed services, RBAC rights model), and to highlight the possible ways of elevating privileges within CSPs and lateralization between the management plane (CSP) and the data plane (AD).Through a combination of theoretical lectures and hands-on exercises on dedicated labs, participants will gain a practical understanding of these concepts. No prior knowledge of cloud security or AD security is required.

Presenters:

• Raymond CHAN
  Raymond Chan is a pentester at Wavestone. He has been doing computer security for 5 years and focusing on cloud topics, mostly Azure, AWS and Microsoft 365. He likes data analysis, and inspired by graph models like Bloodhound, he looked for new paths to compromise domains. He found out that the cloud could be used to achieve that in a sneaky and stealthy way, a method he preferred to, let's say, Windows kernel reversing and EDR bypass. In his spare time, he enjoys listening to and playing music.
• Arnaud PETITCOL
  Cybersecurity auditor - Wavestone Arnaud has been working in IS and Cloud security for 5 years, addressing multiple topics such as offensive security (audit / pentest / red team), incident response (mainly O365), but also design & construction (he has helped build and securing AWS and Azure landing zones for two years, taking advantage of these projects to pass the AWS Solution Architect Associate certification).</br> Capitalizing on these experiences, he likes building CTF and labs to create or reproduce vulnerable environments that he makes available to his co-workers through a self-service app.

Links:

• https://www.bsideslv.org/talks#KR7L3K

Similar Presentations:

• Diana Initiative 2019 / Automating security operations in the Cloud
• Diana Initiative 2020 Virtual / Guardians of the cloud: the sysadmin's guide to cloud security
• AppSec USA 2015 / Hack the Cloud Hack the Company: the Cloud Impact on Enterprise Security