How attackers exploit identity gaps to get into your cloud and SaaS - Paul Nguyen - ESW #401

You might know them from their excellent research work on groups like Scattered Spider, or their refreshing branding/marketing style, but Permiso is laying some impressive groundwork for understanding and defending against identity and cloud-based attacks. In this interview, we talk with co-founder and co-CEO Paul Nguyen about understanding the threats against some of cybercriminals' favorite attack surface, insider threats, and non-human identity compromise. Segment Resources: This blog post from...

You might know them from their excellent research work on groups like Scattered Spider, or their refreshing branding/marketing style, but Permiso is laying some impressive groundwork for understanding and defending against identity and cloud-based attacks. In this interview, we talk with co-founder and co-CEO Paul Nguyen about understanding the threats against some of cybercriminals' favorite attack surface, insider threats, and non-human identity compromise.

Segment Resources:

• This blog post from our threat research team on Scattered Spider shows how threat actors move laterally in an environment across identity providers, Iaas, PaaS and SaaS environments, and how this lateral movement ultimately creates blind spots for many security teams
• This great talk by Ian Ahl, from fwd:cloudsec 2024, touches on a lot of great TTPs used by attackers in IDPs and in the cloud
• Another blog, When AI Gets Hijacked: Exploiting Hosted Models for Dark Roleplaying
• and another, What Security Teams Can Learn From The Rippling/Deel Lawsuit: Intent Lies in Search Logs

Show Notes: https://securityweekly.com/esw-401