After the successful staging of the Cloud Security Alliance Hong Kong & Macau Summit on October 12, it is time to go back to the regular CSA Knowledge Sharing Event in November.
This month we will look into cloud security from an attacker’s viewpoint. As we mentioned before, despite the fact that cloud environment is quite secure after many years of enhancement, attacks still happen.
In our next Knowledge Sharing Event, we invited Boris So, a technical professional, to bring us into the cloud security from the “dark side”. Boris is a technical expert and has in-depth knowledge in hacking and security attack. He will be showing us more information about common attack to cloud workloads with demonstration.
Participants will claim 1 CPE.
DATE: November 24, 2022 (Thursday)
TIME: 12:30 – 01:30 pm
TOPIC: Attacks on Cloud Workloads
Media of Language: Cantonese
SPEAKER: Boris So, OWASP HK Chapter Lead, Cloud Service Provider Technical Expert
- Address common attacks targeting cloud workloads, with demonstration simulating a major incident hitting the global news headline as well as other complicated attack vectors discovered in red team exercises.
- From the attack paths identified in these scenarios we are able to draw an abstract pattern of how attackers find a way in and escalate privilege.
- Finally we will try to go back to answer the fundamental question: is the cloud secure?
Boris is a software security specialist specializing in software design and architecture, threat modeling, secure programming and static code analysis, penetration and simulation test, code obfuscation, steganography, as well as rootkit research.
Currently Boris is working in a major cloud service provider, where he joined from one of the world’s leading US financial services institutes.
He is also the OWASP HK chapter lead, and he holds 2 US patents, 2 bachelor degrees in computing and surveying, and 2 master degrees in computer forensics and applied psychology.
Boris is an enthusiast in aviation and he holds a private pilot license. During his free time, he is probably spending his time flying while not hacking.
VIEW THE PRESENTATION: https://youtu.be/W8-Ssmy_8lk