The (IAM) Call is Coming From Inside the House (SANs Spring Cyberfest 2024)
Most have a dark and malicious image in their head when they hear ‘insider threat’, but there can easily be a different kind of insider threat in your cloud.
Some cloud permissions are more sensitive by nature than others. They can create opportunities for access into your environment, gaining credentials, evading detection, or impacting your data. What happens when you lose control over who has these sensitive permissions?
Join us as we walk through several accidental or mistaken insider threat scenarios that may not seem dangerous, but could be. We’ll end with guidance on what you can do to better control access and cloud permissions.
–
Example powerful permissions:
- Microsoft.Automanage/configurationProfileAssignments/Delete
- Securitycenter.muteconfigs.create
- CreateFunctionUrlConfig + UpdateFunctionUrlConfig
- CreatePresignedNotebookUrl
