My session on Cloud Computing Security prepared for ISC2 Bangalore Chapter MeetUp. It is a walkthrough of the fundamental axioms of cloud security with reference to architecture standards, industry best practices and coverage of some of the most pertinent attack vectors in recent times. This presentation delves deeper into Cloud Security Reference Architectures, Cloud Security Operating Models, Cloud Firewalls, Cloud Identity Access Management Models, Cloud Malware Concepts etc.
These slides will cover the “Certified Cloud Security Professional” course by (ISC)2.
They are supposed to give you an idea about the course contents, and make it easier for you when reviewing the subjects.
Cloud Security Engineering - Tools and Techniques | Gokul Alex
Cloud Security Engineering Education Materials prepared by Gokul Alex. It covers the essential tools and techniques to protect cloud enterprise architectures and cloud information systems.
This presentation simplifies Cloud, Cloud Security and Cloud Security Certifications. This includes the following:
- Understanding Cloud
- Understanding Cloud Security using the Risk Management and Cloud Security Control Frameworks
- Cloud Security Certifications
- Key Definitions
Cloud Security: What you need to know about IBM SmartCloud Security | IBM Security
Safeguarding the cloud with IBM Security solutions - Maintain visibility and control with proven security solutions for public, private and hybrid clouds.
This presentation is on the basics of cyber security and cloud computing, and it also addresses aspects of ethical hacking in detail.
The URL of the live presentation: http://syscolabs.lk/blog/cyber-security-and-cloud-computing/
In shared infrastructures such as clouds, sensitive or regulated data—including run-time and archived data—must be properly segregated from unauthorized users. Database and system administrators may have access to multiple clients’ data, and the location of stored data in a cloud may change rapidly. Compliance requirements such as Payment Card Industry Data Security Standard (PCI-DSS), Health Insurance Portability and Accountability Act (HIPAA) and others may need to be met. This webinar will discuss how to help protect cloud-based customer information and intellectual property from both external and internal threats.
View the On-demand webinar: https://www2.gotomeeting.com/register/187735186
Cloud computing security is the set of control-based technologies and policies designed to adhere to regulatory compliance rules and protect information, data applications and infrastructure associated with cloud computing use.
Infrastructure Security by Sivamurthy Hiremath | ClubHack
With the development of technology, the interdependence of various infrastructures has increased, which has also increased their vulnerabilities. National Information Infrastructure security concerns the nation’s stability and economic security. So far, research in Internet security has primarily focused on securing the information rather than securing the infrastructure itself.
Given the pervasive and ubiquitous nature of the Internet, coupled with growing concerns about cyber attacks, we need immediate solutions for securing the Internet infrastructure. Given the prevailing threat situation, there is a compelling need to develop hardware redesign architectures, algorithms, and protocols to realize a dependable Internet infrastructure. In order to achieve this goal, the first and foremost step is to develop a comprehensive understanding of the security threats and existing solutions. We attempt to fulfil this important step by classifying security attacks into four main categories: DNS hacking, routing table poisoning, packet mistreatment, and Denial-of-Service attacks. We discuss the existing infrastructure solutions for each of these categories in general terms, and also outline a methodology for developing a secured nation.
Global Cyber Attacks Stats
What is Computing Security?
Cloud Computing, Models and Security Demystified
New Security Challenges of Cloud Computing
Security Dimensions – The CIA Triad
Scope of Cloud Computing Security
Security Challenge Eco-system
Vulnerabilities, Threats and Exposure Points
Attacks – Modes and Types
The Notorious Nine – Cloud Security Threats
Methods of Defence
Tenets of Security Control
Security Life Cycle
Cloud Security Components and Governance
Tiered Cloud Security Handling Framework
Bottom-line
Take-aways
Sections:
Introduction
Cloud Computing background
Securing the Cloud
Virtualization
Mobile Cloud Computing
User safety & energy consumption
Author’s proposal
Conclusion
For cloud computing to be adopted by users and enterprises, users' security concerns should be addressed by making the cloud environment trustworthy, as discussed by Latif et al. in the assessment of cloud computing risks [2].
We address the questions related to:
(1) security concerns and threats over general cloud computing,
(2) the solutions for these problems and
(3) mobile users' safety in convergence with energy consumption.
Cloud Security is critical to Data Security and Application Resilience against CyberAttacks. This talk looks at Security Best Practices that need to be practised.
This talk was presented at AWS Community Day Bengaluru 2019 by Amar Prusty, Cloud-Data Center Consultant Architect, DXC Technology
In the last few years, cloud computing has grown from being a promising business concept to one of the fastest growing segments of the IT industry. Now, recession-hit companies are increasingly realizing that simply by tapping into the cloud they can gain fast access to best-of-breed business applications or drastically boost their infrastructure resources, all at negligible cost. But as more and more information on individuals and companies is placed in the cloud, concerns are beginning to grow about just how safe an environment it is. This paper discusses security issues, requirements and challenges that cloud service providers (CSPs) face during cloud engineering. Recommended security standards and management models to address these are suggested for the technical and business community.
There is an increasing trend witnessed in the cloud computing technology which has led to a lot of risks in preserving the Confidentiality, Integrity and Availability of data. The Cloud is now facing a lot of compliance requirements due to the sensitivity of the data that is being stored. View this presentation to understand the Cloud Compliance Requirements, Risks, Audit Processes and Methodologies involved in providing assurance.
This presentation was given by CA Anand Prakash Jangid at the Conference on Cloud Computing conducted by the Committee on Information Technology of the Institute of Chartered Accountants of India on 11th January 2014.
Risks in cloud computing
Data security in cloud
Cloud security services
Tools and technologies for cloud
Cloud mashups
Apache Hadoop
Cloud tools
Central level security
MIST Effective Masquerade Attack Detection in the Cloud | Kumar Goud
Abstract: Cloud computing promises to significantly change the way we use computers and access and store our personal and business information. With these new computing and communications paradigms arise new data security challenges. Existing data protection mechanisms such as encryption have failed in preventing data theft attacks, especially those perpetrated by an insider to the cloud provider. We propose a different approach for securing data in the cloud using offensive decoy technology. We monitor data access in the cloud and detect abnormal data access patterns. When unauthorized access is suspected and then verified using challenge questions, we launch a disinformation attack by returning large amounts of decoy information to the attacker. This protects against the misuse of the user’s real data. Experiments conducted in a local file setting provide evidence that this approach may provide unprecedented levels of user data security in a Cloud environment.
Keywords: Mist, Insider data stealing, Bait information, Lure Files, Validating user
Cloud is not an option, but is security? | Jody Keyser
A "cloudless" computing environment in your enterprise is not an option, due to the coming wave of the Cloud. Cloud Security is an option, of course. Spend an hour with one of the industry's top cloud security consultants, Graham Silver.
Webinar / Discussion / Q&A
AGENDA:
- Common understanding of Cloud
- Look at Cloud Computing Trends
- Examine Cloud Security Concerns
- Introduce Cloud Life Cycle
- Cloud Security Assessment
EMEA10: Trepidation in Moving to the Cloud | CompTIA UK
Today’s buzz centres on cloud computing. What is it exactly? Will it dent your revenues or does it have potential to add capabilities to your business? How do you deliver value when you don’t “install” anything? Learn how to use this new approach to delivering IT services in your business, what to consider and where it makes sense – and where it doesn’t! Dave Sobel, CEO of Evolve Technologies, talks to you about how to develop cloud offerings and how you position your business for growth around online services. Strategies come from real life experience, industry data, and collaboration with other solution providers to give you the best way to take on the big, bad cloud.
Similar to Cloud Security - Emerging Facets and Frontiers (20)
Blockchain Technology in Banking Services - A Review | Gokul Alex
My session for IIM Bengaluru for the Executive Leaders of Public Sector Banks in India about the principles, paradigms, platforms, protocols and potentials of Blockchain Technology in 2020.
DEFCON28_2020_EthereumSecurity_PreventingDDoS_VDF | Gokul Alex
DEFCON is one of the world's largest and most notable hacker conventions in the world. It is an esoteric experience of an elusive kind. It is a daring dream to destroy the dystopian darkness of super surveillance states. Here we are presenting our passion for Blockchain Security in DEFCON 28, based on the theme - 'Preventing DDoS Attacks on Ethereum 2.0 using Verifiable Delay Function Powered Authentication Architectures'. When we teamed up together a month ago, we never ever imagined that we will march into the league of extraordinary hackers to present our beloved blockchain security models in front of the pioneers and paragons in the security space. We are grateful to all our well wishers in Governments, Private Sector, Academic Institutions, Think Tanks, Research Organisations across the world who have inspired us to deep dive on the creative convergence of cryptography and consensus algorithms to weave this world together. Our session is part of the Block Village stream in the DEFCON 28. Please find further details of the event in the Block Village portal. https://www.blockchainvillage.net/schedule2020
#defcon2020 #defcon28 #cybersecurity #ethereum #blockvillage #blockchainsecurity #blockchainaudit
Digital Innovation and Dynamics of Entrepreneurship | Gokul Alex
Presentation by Gokul Alex on the Dynamics of Entrepreneurship and how Digital Innovation powers the journey into business mastery. He has presented this session for the Career Guidance Unit of Sarabhai Institute of Science and Technology, Trivandrum.
Decentralised AI and Distributed Ledgers - An Introduction | Gokul Alex
The presentation on Decentralised Machine Intelligence powered by Distributed Ledgers from Gokul Alex in the 3AI Association Thought Leadership Forum Webinar Series. An introduction to Ocean Protocol, Raven Protocol, SingularityNET and reference architectures of decentralised machine intelligence.
R3Corda - Architecture Overview - Concepts and Components | Gokul Alex
All India Council for Technical Education AICTE India has organised a Short Term Training Program (STTP) on Blockchain Technology for Engineering Educators across India this week. It was an exciting event for us in working on the convergence of academia and industry. Thanks to the support from 'The Blockchain Network' (TBN), I could present a couple of protocol and platform deep dive sessions on Hyperledger Fabric and R3 Corda. Please find the compilation of concepts and components that we have discussed on R3 Corda in this session in the attached document. Request your views and comments!
Covid19 ContactTracing - Privacy Preserving Proximity Protocols | Gokul Alex
Presentation Session by Gokul Alex for Tamil Nadu Science Foundation on the Collection of Cryptographic Techniques for COVID-19 Contact Tracing in the framework of Privacy Preserving Proximity Protocols. This is a research report compiled in collaboration with EPIC Knowledge Society, RedTeam Hacker Academy, Beyond Identity, Semiot Protocols, Cyanaura Maps.
Cybersecurity Context in African Continent - Way Forward | Gokul Alex
The slides from the presentation session by Gokul Alex on the Enigmatic Economy of Cyber Crimes and Cyber Attacks across the globe with the specific focus on African Continent ravaging countries such as South Africa, Nigeria, Kenya, etc. Cybersecurity issues are looming large and assuming larger significance in the post pandemic political economies. This presentation was delivered to the TAFFD Virtual Conference on Cybersecurity in July 2020 together with Red Team Hacker Academy and BeyondIdentity.
Creative Careers for Post Pandemic Times | Gokul Alex
A lecture on the creative careers for the post-pandemic times by Gokul Alex, founder of EPIC Knowledge Society for the Webinar Organised by Teknowledge Edutainers with the focus on understanding the rise of societal technology infrastructure in the pandemic times and foreseeing the emerging trends in technology in the post-pandemic times in areas such as AI, Analytics, Blockchain, Privacy, Geospatial Analytics, Biohacking, Bioinformatics, Drones, Internet of Things, Privacy Preserving Protocols, Robotics etc. This presentation is envisioning a convergent and connected technology infrastructure with the focus of social entrepreneurship and digital health in recent times.
Imagining Intelligent Information Machines for 2020 | Gokul Alex
A Strategic Roadmap for Artificial Intelligence in Social Sector considering the challenges and constraints of 2020. A survey of global reference case studies, key pillars, maturity models, growth markets, revenue projections, use cases etc.
Blockchain Essentials for Business Leaders - Value Propositions and Advantage... | Gokul Alex
This is an Executive Leadership Workshop Program by Gokul Alex on the fundamentals and frontiers of Blockchain which is a transformative technology covering key concepts such as value proposition design, competitive advantage, operating models, value streams, architecture frameworks etc. It is a distillation of essential concepts and emerging frontiers in the world of distributed ledger technologies.
A Concise Introduction to Cryptographic Concepts | Gokul Alex
A Concise Introduction to Cryptographic Concepts by Gokul Alex in the ALTERED 2020 Virtual Conference Organised by IEEE Kerala Section in MBCET. This session covers the historic emergence of cryptographic schemes such as Caesar Cipher, Substitution Cipher, Transposition Cipher, Vigenère Cipher, Vernam Cipher, One Time Pad, RSA, Diffie Hellman, Elliptic Curves, Hash Algorithms etc.
Applying Blockchain Technology for Digital Transformation | Gokul Alex
My virtual webinar session on applying Blockchain Technology for Digital Transformation of Contemporary Business Models in the UL Talks Series organised by ULTS, the IT Subsidiary of ULCCS. This presentation is a journey through the basic concepts of Blockchain Technology and a compilation of interesting business cases around Blockchain Technology.
Cognitive Commerce powered by Creative Convergence of AI, Analytics and Autom... | Gokul Alex
Key Note Address by Gokul Alex in the Estuary 2020 Event organised by Indian Maritime University in Chennai on the theme of E-Commerce and Digital Technologies.
Decentralised AI through Distributed Ledger Technologies | Gokul Alex
My seminar lecture session on Decentralised AI through Distributed Ledger Technologies in the second National Seminar on Machine Intelligence organised by University of Kerala, Department of Computer Science on 24th January 2020. I have covered the foundations of distributed ledger technologies, decentralisation roadmap, decentralised AI and decentralised data exchanges in this session.
Quantum Computing - A History in the Making | Gokul Alex
Please find my key note lecture on Quantum Computing presented at the RedTeam Security Summit 2019 in North Kerala at Malabar in Calicut City. This session is a survey on the history of Quantum Computing from early 1960's to the recent Quantum Supremacy experiment done by Google along with University of Santa Barbara. It captures the history from conjugate coding to sycamore processor succinctly. It also captures the essence of post quantum cryptography and quantum algorithms.
Introduction to Blockchain Business Models | Gokul Alex
From my presentation on Blockchain Business Models delivered at World Trade Centre, Bengaluru. This session was a deep dive on Business Modelling Techniques and their relevance to Blockchain Projects and Platforms. Business Model Canvas is tailor made for various blockchain engagements. I have compiled a collection of 20 business models around blockchain in this deck.
A Deep Dive into the Interplay of Cryptographic Schemes and Algorithms powering the state of the art security models in Blockchain as manifested by the legendary Cryptocurrency Scheme Bitcoin. Presented in the IT Audit and Cybersecurity Conclave Organised by ISACA and Red Team Hacker Academy in Kochi, Kerala.
Introduction to Blockchain Governance Models | Gokul Alex
The presentation on the history and emergence of distributed consensus and the contemporary aspects of Blockchain Governance presented for the Global FinTech and Blockchain Forum organised by Pyramid Learning Platforms.
Generational Adversarial Neural Networks - Essential Reference | Gokul Alex
My presentation on Generational Adversarial Neural Networks and the Challenges of Adversarial Learning Conditions in Neural Networks presented during the National Symposium on Machine Intelligence organised by Kerala University in 2017 in Thiruvananthapuram.
UiPath Test Automation using UiPath Test Suite series, part 4 | DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
GraphRAG is All You need? LLM & Knowledge Graph | Guy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Securing your Kubernetes cluster_ a step-by-step guide to success ! | KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova... | Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
UiPath Test Automation using UiPath Test Suite series, part 3 | DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
A tale of scale & speed: How the US Navy is enabling software delivery from l... | sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do... | UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -... | DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf | Paige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Elevating Tactical DDD Patterns Through Object Calisthenics | Dorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
4. Cloud Security Statistics
» Global Security Spending is expected to reach $103.1 billion in 2019, up 9.4% from 2018.
» Cloud is expected to account for 38% of the security budgets in 2020, up from 18% in 2018.
6. CapitalOne
On July 29, FBI agents arrested Paige A. Thompson on suspicion
of downloading nearly 30 GB of Capital One credit application
data from a rented cloud data server. Capital One said the
incident affected approximately 100 million people in the United
States and six million in Canada.
7. The Twitter user “erratic” posting about tools and
processes used to access various Amazon cloud instances.
8. Capital One incident contains the hallmarks
of many other modern data breaches
» The attacker was a former employee of the web hosting company involved, which is what is generally referred to as an insider threat
» She allegedly used web application firewall credentials to obtain privilege escalation
» She also used TOR and an offshore VPN for obfuscation, as commonly seen in similar data breaches
9. A Forensic Approach to the CapitalOne
Incident
» She must have used the AWS CLI or PowerShell, which used the API credentials
» Then she could have done ‘list buckets’ and ‘sync buckets’. The credentials were for ISRM-WAF
» Speculation is that credentials such as the access tokens were retrieved from the AWS Metadata API via the web application with an SSRF vulnerability
» In a third-party WAF, if we can connect to the metadata endpoint, we can pull the ephemeral API key to use with the AWS CLI
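One mitigation for the SSRF-to-metadata path speculated about above, as an added example that is not part of the presentation: a check a web application can run before it fetches a user-supplied URL. The function names, the constructed DNS table and the sample hostnames are assumptions; 169.254.169.254 is the link-local address of the EC2 instance metadata service.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}

# Constructed DNS answers so the example runs offline; hostnames are made up.
CONSTRUCTED_DNS = {
    "api.partner.example": ["93.184.216.34"],
    "internal-alias.example": ["169.254.169.254"],   # name pointing at metadata
    "mixed.example": ["93.184.216.34", "10.0.0.5"],  # one public, one private
}


def constructed_resolver(host):
    """Offline stand-in for DNS; unknown names resolve to nothing."""
    return CONSTRUCTED_DNS.get(host.lower(), [])


def system_resolver(host):
    """Real DNS lookup, for use outside the offline demo."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def parse_ip_literal(host):
    """Return an ip_address if host is an IP literal, else None.

    inet_aton also accepts the decimal, hex and short forms
    (2852039166, 0xa9fea9fe) that HTTP clients will happily connect to.
    """
    try:
        return ipaddress.ip_address(host)
    except ValueError:
        pass
    try:
        return ipaddress.ip_address(socket.inet_aton(host))
    except (OSError, ValueError):
        return None


def is_internal(ip):
    """True for addresses a server-side fetch should never reach."""
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped          # ::ffff:169.254.169.254 and similar
    return (not ip.is_global) or ip.is_multicast


def check_url(url, resolver=system_resolver):
    """Return (allowed, detail). On success detail is the list of vetted
    addresses; the caller must connect to one of those rather than resolve
    the name again, or an answer that changes between check and use
    defeats the check."""
    try:
        parts = urlsplit(url)
        host = parts.hostname
    except ValueError:
        return False, "unparseable URL"
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, "scheme not allowed"
    if not host:
        return False, "no host"
    literal = parse_ip_literal(host)
    try:
        if literal is not None:
            addrs = [literal]
        else:
            addrs = [ipaddress.ip_address(a) for a in resolver(host)]
    except (OSError, ValueError):
        return False, "resolution failed"
    if not addrs:
        return False, "host did not resolve"
    for ip in addrs:
        if is_internal(ip):
            return False, f"{ip} is not a public address"
    return True, [str(ip) for ip in addrs]


if __name__ == "__main__":
    for sample in ("http://169.254.169.254/latest/meta-data/",
                   "http://2852039166/",
                   "http://internal-alias.example/x",
                   "https://api.partner.example/v1"):
        print(sample, "->", check_url(sample, constructed_resolver))
```

A filter like this complements, and does not replace, restricting what the instance role itself is allowed to do.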
10. A Forensic Approach to the CapitalOne
Incident
» She may have found AWS IAM credentials that allowed her to access all sorts of S3 stuff.
» It is quite possible that there was just a misconfigured EC2 instance that had an overly permissive IAM role / credential available.
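The overly permissive IAM role described above can be looked for mechanically. This added example (not part of the presentation) flags Allow statements that would let a role list and read every bucket; the policy document, Sids and bucket names are constructed, and Deny statements, permission boundaries and bucket policies are not evaluated.

```python
import json
from fnmatch import fnmatchcase

# Actions behind the steps named on the slides: 'list buckets' needs
# s3:ListAllMyBuckets; 'sync' needs s3:ListBucket plus s3:GetObject.
# IAM action names are case-insensitive, so compare in lower case.
BULK_READ_ACTIONS = ("s3:listallmybuckets", "s3:listbucket", "s3:getobject")
ALL_BUCKET_RESOURCES = {"*", "arn:aws:s3:::*", "arn:aws:s3:::*/*"}

# Constructed role policy for illustration; Sids and bucket names are made up.
SAMPLE_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "WafLogs", "Effect": "Allow",
     "Action": ["s3:PutObject"],
     "Resource": "arn:aws:s3:::example-waf-logs/*"},
    {"Sid": "TooBroad", "Effect": "Allow",
     "Action": ["s3:List*", "s3:Get*"],
     "Resource": "*"},
    {"Sid": "ScopedRead", "Effect": "Allow",
     "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::example-waf-rules/*"},
    {"Sid": "EverythingButIam", "Effect": "Allow",
     "NotAction": "iam:*",
     "Resource": "*"}
  ]
}
""")


def as_list(value):
    """IAM allows a single string or object wherever a list is accepted."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def matched_actions(patterns):
    """Bulk-read actions granted by a list of Action patterns (* and ?)."""
    hits = set()
    for pattern in patterns:
        hits.update(a for a in BULK_READ_ACTIONS
                    if fnmatchcase(a, pattern.lower()))
    return sorted(hits)


def audit_policy(policy):
    """Return one finding per Allow statement that grants bucket listing or
    object reads on every bucket. Scoped statements are not reported."""
    findings = []
    for stmt in as_list(policy.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        resources = as_list(stmt.get("Resource"))
        # NotResource in an Allow grants everything except the listed ARNs.
        broad = "NotResource" in stmt or any(
            r in ALL_BUCKET_RESOURCES for r in resources)
        if not broad:
            continue
        if "NotAction" in stmt:
            excluded = [p.lower() for p in as_list(stmt["NotAction"])]
            actions = sorted(a for a in BULK_READ_ACTIONS
                             if not any(fnmatchcase(a, p) for p in excluded))
        else:
            actions = matched_actions(as_list(stmt.get("Action")))
        if actions:
            findings.append({"sid": stmt.get("Sid", "<no Sid>"),
                             "actions": actions,
                             "conditional": "Condition" in stmt})
    return findings


if __name__ == "__main__":
    for finding in audit_policy(SAMPLE_POLICY):
        print(finding)
```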
11. How did the Capital One team respond?
The good news, however, is that Capital One Incident Response was able to move quickly once they were informed of a possible breach via their Responsible Disclosure program, which is something a lot of other companies struggle with.
12. Microsoft
In late 2010, Microsoft experienced a breach that was traced
back to a configuration issue within its Business Productivity
Online Suite.
The problem allowed non-authorized users of the cloud service to
access employee contact info in their offline address books.
Microsoft claims that customers had access to their data and that they fixed the issue two hours after it occurred.
13. Dropbox
No one knew the severity of the breach cloud-based file sharing
giant Dropbox announced back in 2012.
In fact, it wasn’t until four years later that we learned what
really happened. Hackers tapped into more than 68 million user
accounts – email addresses and passwords included – representing
nearly 5 gigabytes of data.
Those stolen credentials reportedly made their way to a dark
web marketplace – the price for them was bitcoins.
14. National Electoral Institute of Mexico
In April 2016, the National Electoral Institute of Mexico was the
victim of a breach that saw over 93 million voter registration
records compromised.
Most of the records were lost due to a poorly configured
database that made this confidential information publicly
available to anyone.
Later it was identified that the Institute was storing data on an
insecure, illegally hosted Amazon cloud server outside of Mexico.
15. Six most common cloud computing
security risks
» Distributed Denial of Service
» Shared Cloud Computing Services
» Data Loss and Inadequate Backups
» Phishing and Social Engineering Attacks
» System Vulnerabilities
17. Cloud computing fundamentals
• Features
– Use of internet-based services to support business process
– Rent IT-services on a utility-like basis
• Attributes
– Rapid deployment
– Low startup costs/ capital investments
– Costs based on usage or subscription
– Multi-tenant sharing of services/ resources
• Essential characteristics
– On demand self-service
– Ubiquitous network access
– Location independent resource pooling
– Rapid elasticity
– Measured service
18. “Cloud computing is a compilation of existing techniques and technologies, packaged within a
new infrastructure paradigm that offers improved scalability, elasticity, business agility, faster
startup time, reduced management costs, and just-in-time availability of resources”
19. Cloud computing : Advantages
• Efficiency
• Cost
• Time
• Reliability
• Availability
• All environments, especially disaster recovery
• Scalability
• Elastic capacity
• Manageability
• Cost effective
• Capital expenditure free
20. Cloud Computing : Disadvantages
• To be fair, we need to mention disadvantages; however, most can be overcome
• Hard to establish clear governance
• Unclear documentation and specifications
• Vendor lock-in
• Limited control
• Security ****
21. Cloud Operating Models
• Delivery Models
– SaaS
– PaaS
– IaaS
• Deployment Models
– Private cloud
– Community cloud
– Public cloud
– Hybrid cloud
• Management Models (trust and tenancy issues)
– Self-managed
– 3rd party managed (e.g. public clouds and VPC)
22. Cloud Computing Service Architecture
[Figure: layered service architecture. Layer labels: Facilities, Hardware, Integration, Middleware, Interfaces, Abstraction Layer, Connectivity/Network, Presentment, Application Programming Interfaces, Data, Metadata, Applications/Software. Service groupings: Infrastructure as a Service, Platform as a Service, Software as a Service.]
23. Cloud Delivery Models and Security
‣ Cloud-based IaaS does not typically expose actual hardware or networking layers
to the tenant of the service, rather these underlying resources are abstracted for
the consumer.
‣ PaaS abstracts infrastructure to a greater extent and generally presents
middleware containers that are tailored for categories of usage such as
development.
‣ SaaS abstracts even further and generally exposes narrow-functionality software-
based services such as Customer Relationship Management (CRM) or e-mail.
‣ At every step up the continuum, there are increasing limitations on lower-level
computing functions. In other words, from IaaS to SaaS underlying computing
functions are more and more abstracted
24. Cloud Delivery Models and Security
‣ With SaaS, the burden of security lies with the cloud provider. In part,
this is because of the degree of abstraction, but the SaaS model is
based on a high degree of integrated functionality with minimal
customer control or extensibility.
‣ By contrast, the PaaS model offers greater extensibility and greater
customer control but fewer higher-level features. Largely because of
the relatively lower degree of abstraction, IaaS offers greater tenant or
customer control over security than do PaaS or SaaS.
29. Cloud Computing : Common Questions
• The cloud acts as a big black box, nothing inside the cloud is visible
to the clients
• Clients have no idea or control over what happens inside a cloud
• Even if the cloud provider is honest, it can have malicious system
admins who can tamper with the VMs and violate confidentiality
and integrity
• Clouds are still subject to traditional data confidentiality, integrity,
availability, and privacy issues, plus some additional attacks
31. Cloud security concerns and
management models
• Most security problems stem from:
– Loss of control
– Lack of trust (mechanisms)
– Multi-tenancy
• These problems exist mainly in 3rd party management models
– Self-managed clouds still have security issues, but not related to the above
32. Loss of control in cloud
• Consumer’s loss of control
– Data, applications, resources are located with provider
– User identity management is handled by the cloud
– User access control rules, security policies and enforcement are
managed by the cloud provider
– Consumer relies on provider to ensure
• Data security and privacy
• Resource availability
• Monitoring and repairing of services/resources
33. Lack of trust in cloud
• Trusting a third party requires taking risks
• Defining trust and risk
– Opposite sides of the same coin (J. Camp)
– People only trust when it pays (Economist’s view)
– Need for trust arises only in risky situations
• Defunct third party management schemes
– Hard to balance trust and risk
– e.g. Key Escrow (Clipper chip)
– Is the cloud headed toward the same path?
34. Multi tenancy issues in the cloud
• Conflict between tenants’ opposing goals
– Tenants share a pool of resources and have opposing goals
• How does multi-tenancy deal with conflict of interest?
– Can tenants get along together and ‘play nicely’ ?
– If they can’t, can we isolate them?
• How to provide separation between tenants?
• Cloud Computing brings new threats
– Multiple independent users share the same physical infrastructure
– Thus an attacker can legitimately be in the same physical machine as the
target
35. Taxonomy of fear
• Confidentiality
– Fear of loss of control over data
• Will the sensitive data stored on a cloud remain confidential?
• Will cloud compromises leak confidential client data?
– Will the cloud provider itself be honest and not peek into the data?
• Integrity
– How do I know that the cloud provider is doing the computations correctly?
– How do I ensure that the cloud provider really stored my data without
tampering with it?
36. Taxonomy of fear ( CONTD. )
• Availability
– Will critical systems go down at the client, if the provider
is attacked in a Denial of Service attack?
– What happens if cloud provider goes out of business?
– Would the cloud scale well enough?
– Often-voiced concern
• Although cloud providers argue their downtime
compares well with cloud user’s own data centres
37. Taxonomy of fear ( CONTD. )
• Privacy issues raised via massive data mining
– Cloud now stores data from a lot of clients, and can run data
mining algorithms to get large amounts of information on clients
• Increased attack surface
– An entity outside the organisation now stores and computes data, and so
– Attackers can now target the communication link between cloud
provider and client
– Cloud provider employees can be phished
38. Taxonomy of fear ( CONTD. )
• Auditability and forensics (out of control of data)
– Difficult to audit data held outside organisation in a cloud
– Forensics also made difficult since now clients don’t maintain data
locally
• Legal dilemma and transitive trust issues
– Who is responsible for complying with regulations?
• e.g., SOX, HIPAA, GLBA ?
– If cloud provider subcontracts to third party clouds, will the data
still be secure?
40. Cloud security challenges
• Security is one of the most difficult tasks to implement in cloud computing.
– Different forms of attacks on the application side and in the hardware components
• Attacks with catastrophic effects need only one security flaw
41. Threat model
• A threat model helps in analysing a security problem, designing mitigation strategies, and evaluating solutions
• Steps:
– Identify attackers, assets, threats and other components
– Rank the threats
– Choose mitigation strategies
– Build solutions based on the strategies
42. Threat model
• Basic components
– Attacker modelling
• Choose what attacker to consider
– insider vs. outsider?
– single vs. collaborator?
• Attacker motivation and capabilities
– Attacker goals
– Vulnerabilities / threats
43. Trust context and threat models
• The core issue here is the levels of trust
– Many cloud computing providers trust their customers
– Each customer is physically commingling its data with data from anybody
else using the cloud while logically and virtually you have your own space
– The way that the cloud provider implements security is typically focused on the fact that those outside of their cloud are evil, and those inside are good.
• But what if those inside are also evil?
44. Attack vectors : Malicious insiders
• At client
– Learn passwords/authentication information
– Gain control of the VMs
• At cloud provider
– Log client communication
– Can read unencrypted data
– Can possibly peek into VMs, or make copies of VMs
– Can monitor network communication, application patterns
– Why?
• Gain information about client data
• Gain information on client behavior
• Sell the information or use it themselves
45. Attack vectors : Outside attacks
• What?
– Listen to network traffic (passive)
– Insert malicious traffic (active)
– Probe cloud structure (active)
– Launch DoS
• Goal?
– Intrusion
– Network analysis
– Man in the middle
– Cartography
47. Security issues in the cloud
• In theory, minimising any of the issues would help:
– Third Party Cloud Computing
– Loss of Control
• Take back control
– Data and apps may still need to be on the cloud
– But can they be managed in some way by the consumer?
– Lack of trust
• Increase trust (mechanisms)
– Technology
– Policy, regulation
– Contracts (incentives)
– Multi-tenancy
• Private cloud
– Takes away the reasons to use a cloud in the first place
• VPC: it’s still not a separate system
• Strong separation
48. Third party cloud computing
• Known issues: Already exist
• Confidentiality issues
• Malicious behaviour by cloud provider
• Known risks exist in any industry practicing outsourcing
• Provider and its infrastructure need to be trusted
49. New vulnerabilities and attacks
• Threats arise from other consumers
• Due to the subtleties of how physical resources can be transparently shared
between VMs
• Such attacks are based on placement and extraction
• A customer VM and its adversary can be assigned to the same physical
server
• Adversary can penetrate the VM and violate customer confidentiality
50. More on attacks
• Collaborative attacks
• Mapping of internal cloud infrastructure
• Identifying likely residence of a target VM
• Instantiating new VMs until one gets co-resident with the target
• Cross-VM side-channel attacks
• Extract information from target VM on the same machine
51. More on attacks
1. Can one determine where in the cloud infrastructure an instance is located?
2. Can one easily determine if two instances are co-resident on the same
physical machine?
3. Can an adversary launch instances that will be co-resident with other user
instances?
4. Can an adversary exploit cross-VM information leakage once co-resident?
Answer: Yes to all
52. Minimise lack of trust : Policy language
• Consumers have specific security needs but don’t have a say-so in how they are handled
– Currently consumers cannot dictate their requirements to the provider (SLAs are one-sided)
• Standard language to convey one’s policies and expectations
– Agreed upon and upheld by both parties
– Standard language for representing SLAs
• Create policy language with the following characteristics:
– Machine-understandable (or at least processable),
– Easy to combine/merge and compare
53. Minimise lack of trust : Certification
• Certification
– Some form of reputable, independent, comparable assessment and description
of security features and assurance
• Sarbanes-Oxley, DIACAP, DITSCAP, etc.
• Risk assessment
– Performed by certified third parties
– Provides consumers with additional assurance
54. Minimise Loss of Control : Monitoring
• Cloud consumer needs situational awareness for critical applications
– When underlying components fail, what is the effect of the failure to the mission logic
– What recovery measures can be taken
• by provider and consumer
• Requires an application-specific run-time monitoring and management tool for the consumer
– The cloud consumer and cloud provider have different views of the system
– Enable both the provider and tenants to monitor the components in the cloud that are under
their control
55. Minimise Loss of Control : Monitoring
– Provide mechanisms that enable the provider to act on attacks he can handle.
• infrastructure remapping
– create new or move existing fault domains
• shutting down offending components or targets
– and assisting tenants with porting if necessary
• Repairs
– Provide mechanisms that enable the consumer to act on attacks that he can handle
• application-level monitoring
• RAdAC (Risk-adaptable Access Control)
• VM porting with remote attestation of target physical host
• Provide ability to move the user’s application to another cloud
56. Minimise Loss of Control : Diversity
• The concept of ‘Don’t put all your eggs in one basket’
– Consumer may use services from different clouds through an intra-cloud or multi-cloud architecture
– A multi-cloud or intra-cloud architecture in which consumers
• Spread the risk
• Increase redundancy (per-task or per-application)
• Increase chance of mission completion for critical applications
– Possible issues to consider:
• Policy incompatibility (combined, what is the overarching policy?)
• Data dependency between clouds
• Differing data semantics across clouds
• Knowing when to utilize the redundancy feature
– monitoring technology
• Is it worth it to spread your sensitive data across multiple clouds?
57. Minimise Loss of Control : IAM
• Many possible layers of access control
– E.g. access to the cloud, access to servers, access to services, access to databases (direct and queries via web services),
access to VMs, and access to objects within a VM
– Depending on the deployment model used, some of these will be controlled by the provider and others by the consumer
• Regardless of deployment model, provider needs to manage the user authentication and access control procedures (to the cloud)
– Federated Identity Management: access control management burden still lies with the provider
– Requires user to place a large amount of trust on the provider in terms of security, management, and maintenance of
access control policies.
• This can be burdensome when numerous users from different organizations with different access control policies,
are involved
58. Minimise Multi Tenancy
• Can’t really force the provider to accept fewer tenants
– Can try to increase isolation between tenants
• Strong isolation techniques (VPC to some degree)
• QoS requirements need to be met
• Policy specification
– Can try to increase trust in the tenants
• Who’s the insider, where’s the security boundary? Who can I trust?
• Use SLAs to enforce trusted behavior
60. Cloud Architecture Constraints
» Costs and Resources
‣ The cloud provider’s financial resources will act to constrain investment in technology, security controls included. But it is
important to recognize that the absence of unlimited resources can be very motivating to how one designs, architects, and
builds.
» Reliability
‣ This is a quality that refers to the degree you can depend on a system to deliver its stated services. Reliability can be described
as a guarantee that the underlying technology can provide delivery of services
» Performance
• A measure of one or more qualities that have to do with the usefulness of a system.
» The Security Triad
• The essential security principles of confidentiality, integrity, and availability apply to most of the systems.
» Legal and Regulatory Constraints
66. Cloud Firewall categories
‣ Cloud-based firewalls come in two delicious flavours: vanilla and
strawberry.
‣ Both flavours are software that checks incoming and outgoing
packets to filter against access policies and block malicious traffic.
67. Cloud firewall categories
‣ Vanilla firewalls are usually stand-alone products or services designed to protect an enterprise network
and its users—like an on-premises firewall appliance, except that it’s in the cloud.
‣ Service providers call this a software-as-a-service (SaaS) firewall, security as a service (SECaaS), or even
firewall as a service (FWaaS)
‣ By contrast, strawberry firewalls are cloud-based services that are designed to run in a virtual data center
using your own servers in a platform-as-a-service (PaaS) or infrastructure-as-a-service (IaaS) model.
‣ In these cases, the firewall application runs on the virtual servers and protects traffic going to, from, and
between applications in the cloud.
‣ The industry sometimes calls these next-generation firewalls, though the term is inconsistently applied
and sometimes refers to any advanced firewall system running on-prem or in the cloud.
68. Cloud firewall value proposition
What makes a cloud-based firewall different from an on-premise firewall (other than being
off-premise) comes down to three things: scalability, availability and extensibility.
Scalability: Cloud-based firewall providers deliver services to multiple customers and at
the core of their service they use firewalls designed to scale to meet ever-increasing
demand.
From the enterprise perspective this scalability comes into play when bandwidth increases.
Unlike an on-premise firewall that needs replacement when bandwidth exceeds firewall
throughput, cloud-based firewalls are designed to scale as customer bandwidth increases—
or at least any hardware upgrade has to be made transparent to customers. Availability:
69. Cloud firewall advantage layers
‣ Cloud-based firewall providers offer extremely high availability (> 99.99%) through an infrastructure with fully
redundant power, HVAC, and network services, as well as backup strategies in the event of a site failure.
‣ In contrast, on-premise firewalls are only as reliable as the existing IT infrastructure, which may not be an issue at
the data centre but could be at the branch.
‣ High availability is certainly possible but depending on the manufacturer, high-availability can double the cost of
hardware and make operations more complex.
‣ Extensibility: Cloud-based firewalls are available anywhere the network manager can provide a protected
communications path. Given interconnection agreements between network providers, the footprint of service
may extend well beyond the boundaries of any single service provider’s network.
‣ An on-premise firewall on the other hand may be deployed at any corporate location, with the associated capital
cost (higher for redundancy)—if there is enough space and the necessary out-of-band management connection.
71. Cloud Malware Attack Types
» DDoS Attacks
• Botnets are becoming more and more common, with malware-as-a-service
being offered by more malicious actors at an increasingly cheap price.
• Self-service cloud offerings allow these attackers to easily gain access and
notoriety by launching large-scale DDoS attacks, which have been
measured at speeds of up to 30 Gbps.
• Since cloud computing hosts multiple customers in a single cloud, these
attacks can affect your cloud environment, as well.
72. Cloud Malware Attack Types
» Hypercall Attacks
• An attacker uses a Virtual Machine (VM) to intrude on the victim’s VM by exploiting the Virtual Machine Manager (VMM) hypercall handler.
• This gives the attacker the ability to access VMM privileges and possibly even execute malicious code.
» Hypervisor DoS
• This attack uses a high percentage of your hypervisor’s resources in order to leverage flaws in design or setup.
• Researchers found that this malware accounted for 70 percent of malware attacks targeting cloud providers’
hypervisor, which manages customers’ virtual environments.
• One study found that 71.2 percent of all Xen and 65.8 percent of all KVM vulnerabilities could be exploited by
a guest VM.
73. Cloud Malware Attack Types
‣ Co-Location
‣ An attacker tries to find the target VM’s host in order to place their own VM on the same host. This is used
to gain leverage in cross-VM side-channel attacks, such as Flush/Reload or Prime and Probe.
‣ Hyperjacking
‣ This is where an attacker tries to take control of the hypervisor, sometimes using a virtual machine-based
rootkit. If the attacker is successful, they will have access to the entire machine. This could be used to
change the behavior of the VM, causing it to be partially or fully compromised.
‣ Man in the middle (MITM)
‣ MITM is when an attacker can intercept and/or change messages exchanged between users. Ghostwriter is
a common precursor to a MitM attack. This allows the attacker access to a misconfigured cloud
configuration with public write access.
74. Cloud Malware Attack Types
‣ Exploiting Live Migration
‣ During migration from one cloud service provider to another, the cloud management system is tricked into creating multiple migrations,
which turns into a denial-of-service attack. This can also be used to potentially craft a VM Escape.
‣ VM Escape
‣ This accounts for 13.1 percent of all malware attacks on virtual machines in cloud environments. VM Escape involves running in a VM and
escaping to infect the hypervisor. The goal in this attack is to obtain root privileges, host OS control and maybe even full access across the
environment.
‣ Flush/Reload
‣ This attack utilises a memory optimisation technique known as memory deduplication. By enacting a sophisticated cross side-channel
technique, a malicious actor can detect a full AES encryption key.
‣ Prime and Probe
‣ This is a VM cross side-channel attack that utilises cache instead of memory. The attacker fills the cache with some of their own information.
Once the victim uses the VM, the attacker uses this information to see which cache lines were accessed by the victim. This method has been
used to recover an AWS encryption key.