Find, Classify, Secure: Data Recon in AWS & Azure
Dave Shackleford, Principal, Voodoo Security
Do you know where your data is? It seems like such a simple question. Many security teams think they do, because they have a map and a plan of where data is supposed to be. Seeing where data actually is in the cloud requires more than a static plan – you need the capacity for dynamic reconnaissance. You also need a deep understanding of how data can be accessed to assign it a true ‘location’ to harden.
Couple this complexity with the ever-growing scale of cloud, and data classification becomes critical: with an ever-growing cloud footprint, vulnerabilities need to be prioritized by sensitivity. PII in a public bucket is a much bigger problem than SOC compliance issues in a staging environment. They both need attention, but you’ll never have the resources to cover off every issue with the same speed.
Securing data starts with seeing data, and seeing it clearly. Where it lives, how sensitive it is, and how it can be accessed are the first pieces of information to gather to prioritize your security tasks. Then you can start the work of hardening the most vulnerable positions, adjusting posture management, and limiting access.
This is the first webcast in a series on securing data in the public cloud. Sonrai CISO Eric Kedrosky and Voodoo Security Founder’s Dave Shackleford team up to discuss the challenges of data reconnaissance and scanning in the cloud, covering topics like: