DeveloperWeek Global: Cloud 2020 DeveloperWeek Global: Cloud 2020
Get your ticket or log in to build your agenda.

OPEN TALK: A Live Simulation of Advanced Cloud Misconfiguration Attacks

- PDT
Workshop Stage 2 - Hopin 3
Join on Hopin

Josh Stella
Fugue, Founder and CTO

Josh Stella is co-founder and CTO of Fugue, the company delivering autonomous cloud infrastructure security and compliance. Previously, Josh was a Principal Solutions Architect at Amazon Web Services (AWS), where he supported customers in the area of national security. Prior to Fugue, Josh served as CTO for a technology startup and in numerous other IT leadership and technical roles over the past 25 years.


Cloud misconfiguration is now the leading cause of cloud-based data breaches, typically due to a lack of secure cloud architecture practices. Because cloud infrastructure is 100% software, cloud security is a software engineering problem, not a traditional security analysis problem. In order to prevent data breaches in the cloud, we must address it with secure software architecture right from the start.

In this talk, Josh Stella will run a live simulation of an advanced cloud misconfiguration exploits to show a number of ways common cloud architectural anti-patterns create opportunities for hackers to gain entry to cloud environments, move laterally using tools like IAM services, and ultimately discover and breach data. Many of the misconfigurations exploited won’t be flagged by compliance scans and often aren’t considered risky by security teams.

At each step, Josh will share alternative approaches to architecting cloud infrastructure services to ensure our applications run efficiently while denying bad actors the tools and means to exploit them. Attendees will leave with actionable insights to evaluate their own cloud environment for misconfiguration vulnerabilities, how to address them, and how to bake secure cloud architecture approaches into software development.