Overview
- Presents real-world threats and risks facing cloud environments for businesses looking to embrace the cloud
- Covers the attack vectors used in cloud attacks, from misconfigurations to inappropriate entitlements
- Helps you understand the solutions and technology available to mitigate risks in the cloud
Access this book
Tax calculation will be finalised at checkout
Other ways to access
Table of contents (15 chapters)
-
Front Matter
-
Back Matter
Keywords
About this book
Cyberattacks continue to increase in volume and sophistication, targeting everything owned, managed, and serviced from the cloud. Today, there is widespread consensus—it is not a matter of if, but rather when an organization will be breached. Threat actors typically target the path of least resistance. With the accelerating adoption of cloud technologies and remote work, the path of least resistance is shifting in substantive ways. In recent years, attackers have realigned their efforts, focusing on remaining undetected, monetization after exploitation, and publicly shaming organizations after a breach.
New, innovative, and useful products continue to emerge and offer some cloud protection, but they also have distinct limitations. No single, standalone solution or strategy can effectively protect against all cloud attack vectors or identify all malicious activity. The simple fact is that the cloud is based on a company’s assets being offered as services. As a result, the best security any organization can achieve is to establish controls and procedures in conjunction with services that are licensed in the cloud.
Cloud Attack Vectors details the risks associated with cloud deployments, the techniques threat actors leverage, the empirically-tested defensive measures organizations should adopt, and shows how to improve detection of malicious activity.
What You’ll Learn
- Know the key definitions pertaining to cloud technologies, threats, and cybersecurity solutions
- Understand how entitlements, permissions, rights, identities, accounts, credentials, and exploits can be leveraged to breach a cloud environment
- Implement defensive and monitoring strategies to mitigate cloud threats, including those unique to cloud and hybrid cloud environments
- Develop a comprehensive model for documenting risk, compliance, and reporting based on your cloud implementation
Who This Book Is For
New security professionals, entry-level cloud security engineers, managers embarking on digital transformation, and auditors looking to understand security and compliance risks associated with the cloudAuthors and Affiliations
About the authors
Brian Chappell is Chief Security Strategist for Beyond Trust, EMEA & APAC, and is a multi-skilled individual with a passion for delivering best practice solutions that help customers run their businesses more effectively and securely. His specialties include: cybersecurity solutions, IT strategy and implementation, project management, global IT operations management, sales engineering, software development, and enterprise and solutions architecture.
Christopher Hills is a Security Strategist focused on Privileged Access Management (PAM) and Identity and Access Management (IAM). He is Security Strategist for BeyondTrust's Privileged Access Management Solutions, enforcing Privileged Password Management and Privileged Session Management, Privileged Endpoint Management, and Secure Remote Access which utilizes a single pane of glass for all management aspects, including Automated Account Discovery, Privileged Management and Elevation, Audit and Compliance, and Behavior & Reporting. His responsibilities include: IAM/PAM focus, strategy, mentoring, leadership, customer and prospect liaison, thought leadership, background reference, business development, customer-facing GRC, and working closely with global sales and marketing organizations to help support GTM efforts while assisting with critical sales opportunities and key marketing events.
Bibliographic Information
Book Title: Cloud Attack Vectors
Book Subtitle: Building Effective Cyber-Defense Strategies to Protect Cloud Resources
Authors: Morey J. Haber, Brian Chappell, Christopher Hills
DOI: https://doi.org/10.1007/978-1-4842-8236-6
Publisher: Apress Berkeley, CA
eBook Packages: Professional and Applied Computing, Apress Access Books, Professional and Applied Computing (R0)
Copyright Information: Morey J. Haber, Brian Chappell, Christopher Hills 2022
Softcover ISBN: 978-1-4842-8235-9Published: 22 July 2022
eBook ISBN: 978-1-4842-8236-6Published: 21 July 2022
Edition Number: 1
Number of Pages: XXXI, 473
Number of Illustrations: 49 b/w illustrations