Daniel BARBU is a Ph.D candidate in the field of Information Security who brings passion into his daily tasks. He enjoyed learning and growing while working at Electronic Arts, Dell Secureworks and now Adobe. As a member of OWASP Bucharest Chapter and RAISA (Romanian Association for Information Security Assurance), Daniel is constantly seeking opportunities to popularize information security. On a personal note, he feels he owes his accomplishments to his wife and kid. Daniel is currently leading a team at Adobe Systems Romania where he focuses on the growth of the team members’ skill set.

Splunking the Clouds: finding the needle in AWS & Azure.

Terabytes of logs coming from all products, tools, and services in place within data centers were not enough. So, the latest challenge for an analyst within a Fortune 500 company’s SOC: find the attacker’s needles in the cloud logs. Challenge accepted! What if the haystack is in AWS & Azure at the same time? Challenge also accepted! We will start the discussion with issues we encountered as we began tackling these challenges, provide insight from other members of the security community facing similar issues, and wrap-up with stories from the trenches as we got to solutions. This talk will include tips and tricks on hunting for globally exposed S3 buckets, network groups permitting traffic from the internet, admins that do not use multi-factor authentication (MFA), and other useful hints. We will also show you how to gather information related to the costs of cloud usage and build eye-catching result reports for management.
Presentation’s Co-Presenter is Uzoma OGBONNA, SOC Analyst at Adobe.