Uzoma Ogbonna has more than 5 years of experience as a Network and Security Engineer and for the past 18 months has been working in the Adobe SOC with focus on Cloud Security. Being a blue teamer he is constantly working towards integrating monitoring tools with various Cloud services He has always enjoyed taking up new challenges which made him travel half way across the world alone at the age of 17 to take on his Bachelor’s degree in Electronics Engineering and Telecommunications In his past professional engagements with Vodafone Romania and Dell Secureworks, he enjoyed learning, growing and giving back to the Tech community.

Splunking the Clouds: finding the needle in AWS & Azure.

Terabytes of logs coming from all products, tools, and services in place within data centers were not enough. So, the latest challenge for an analyst within a Fortune 500 company’s SOC: find the attacker’s needles in the cloud logs. Challenge accepted! What if the haystack is in AWS & Azure at the same time? Challenge also accepted! We will start the discussion with issues we encountered as we began tackling these challenges, provide insight from other members of the security community facing similar issues, and wrap-up with stories from the trenches as we got to solutions. This talk will include tips and tricks on hunting for globally exposed S3 buckets, network groups permitting traffic from the internet, admins that do not use multi-factor authentication (MFA), and other useful hints. We will also show you how to gather information related to the costs of cloud usage and build eye-catching result reports for management.
Presentation’s Co-Presenter is Daniel Barbu, Manager of Security, TechOps Romania at Adobe.