1. Story Begins : One day, we handled a case which is data leaked on a cloud platform.
2. Investigating : Mining for abnormal activities to infer how attacker attacked, and how we represent abnormal activity on a cloud platform.
3. Cloud TROLLS : Cloud platforms provide various functions for easier use, but they do not publish how every process works, so the documentation is incomplete. Not only GCP, but other cloud platforms also do the same. Above these reasons, we cannot apply the experience from other IT environments to cloud platforms.
4. Vulnerabilities of Cloud Configuration : It's very easy to add a new VM (instance) and operate them with default config, so do the attackers and it's dangerous.
5.What Should be Done After Incident? : Review the real case about architecture design, how they save the scene of incident, and how to fix the vulnerability.
6. How to Prevent For Next Time? : Listing several concepts of every cloud platforms to know how to reduce the posibility of being invaded.
Cloud Security Research, Cloud Architecture Design, UX Design, Python Developer