Don’t _miss

Wire Festival

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nullam blandit hendrerit faucibus turpis dui.

Useful links

Call For Papers

Tickets & Merch

Sponsorship

Presentations

Workshop sessions

Speakers

Venue info

 

<We_can_help/>

What are you looking for?

<Good_things_happen/> Welcome to Conference

d

Copyright @ Select-themes

Follow us

>The New SaaS Cyber Kill Chain

The New SaaS Cyber Kill Chain

 

Once upon a time, we thought of cyber attacks in terms of recon, port scanning, enumeration, vulnerability identification and exploitation and we had various approaches we would use to frustrate attackers at every phase. As the cat and mouse game of security continued, this eventually morphed into an endpoint compromise- focused process involving initial access, exploitation, persistence, command and control and lateral movement inside a complex internal network. But with the remote working and SaaS revolution, the way organisations work has changed radically – so what does the cyber kill chain look like now? This talk will consider what a new SaaS cyber kill chain looks like for modern organisations that are fully SaaS native without any concept of an internal network, and the surprising number of attacks that are possible without touching company owned endpoints or infrastructure We will consider topics like how the initial access stage is changing due to the availability of so many potential beachheads, what lateral movement looks like in a world with no internal infrastructure to migrate to and how persistence methods have changed and are much more resilient to common containment measures such as password resets and secure device wipes.

About the Speaker

Luke Jennings is a security researcher from the UK. He spent most of his early career focused on red teaming and offensive security research at MWR, before moving on to developing new detection and response techniques and designing EDR software as the Chief Research Officer for Countercept. He has now pivoted away from the endpoint to focusing on the emerging threats in SaaS security at Push Security.