CYBERSEC 2021 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy. I Agree

May 4-6 at Taipei Nangang Exhibition Center, Hall 2

DevSecOps & Cloud Security Forum
  • May 6th (Thu)
  • 14:00 - 14:30
  • 7F 701G

Cloud Data Leak! Real IR Case on GCP

1. Story Begins : One day, we handled a case which is data leaked on a cloud platform.

2. Investigating : Mining for abnormal activities to infer how attacker attacked, and how we represent abnormal activity on a cloud platform.

3. Cloud TROLLS : Cloud platforms provide various functions for easier use, but they do not publish how every process works, so the documentation is incomplete. Not only GCP, but other cloud platforms also do the same. Above these reasons, we cannot apply the experience from other IT environments to cloud platforms.

4. Vulnerabilities of Cloud Configuration : It's very easy to add a new VM (instance) and operate them with default config, so do the attackers and it's dangerous.

5.What Should be Done After Incident? : Review the real case about architecture design, how they save the scene of incident, and how to fix the vulnerability.

6. How to Prevent For Next Time? : Listing several concepts of every cloud platforms to know how to reduce the posibility of being invaded.

Cloud Security Incident ResponseSecurity Architecture
Leon Wang

Leon Wang

Cloud Security Consultant, FUNNY SYSTEMS

Cloud Security Research, Cloud Architecture Design, UX Design, Python Developer