BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.hackfest.ca//hf2023//speaker//ZXURNG
BEGIN:VTIMEZONE
TZID:EST
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T070000Z
TZNAME:EST
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
END:STANDARD
BEGIN:STANDARD
DTSTART:20071104T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:EST
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000402T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T080000Z
TZNAME:EDT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20070311T030000
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:EDT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-hf2023-BHXGYC@cfp.hackfest.ca
DTSTART;TZID=EST:20231014T153000
DTEND;TZID=EST:20231014T162000
DESCRIPTION:This presentation delves into the realm of cloud computing's se
 curity challenges and the Red Team perspective. It sheds light on intrusio
 n testing\, shared security models\, and vulnerabilities unique to cloud s
 ystems. The discussion covers cloud intrusion testing's importance\, metho
 dologies\, and distinctiveness compared to traditional approaches. Identit
 y and Access Management's crucial role will be highlighted and explain thr
 ough the 3 main CSP AWS/Azure/GCP\, their main differences and security im
 plication. The talk will outlines reasons for conducting Red Team engageme
 nts focusing on critical resource access. Applied assessment methodologies
  are proposed\, including BlackBox\, AssumBreach\, and White Box approache
 s. Attack scenarios\, based on the Mitre Att&ck Cloud Matrix framework\, a
 re explored\, encompassing various stages. The presentation also delves in
 to using the cloud offensively (Redirectors\, storage and delivery)\, clou
 d-based phishing and Oauth abuse. The aim is to facilitate knowledge excha
 nge\, encourage research\, and enhance cloud security by leveraging Red Te
 am insights.
DTSTAMP:20260418T032735Z
LOCATION:Track #1
SUMMARY:Cloud environments: Red Team perspectives - Clément Cruchet
URL:https://cfp.hackfest.ca/hf2023/talk/BHXGYC/
END:VEVENT
END:VCALENDAR