G'day all,
By means of introduction, I'm Dr Sriram Raghavan from Melbourne, AUSTRALIA - I work at a telco as the lead for Threat-informed Defence Engineering (TiDE) where I'm developing a systematic engineering approach to secure Public & Private Cloud tenancies holistically to measurably minimise organisational risk.
Recently I've come across some presentations where conversations seemed to drift in the direction of cloud native detection services such as Defender, GuardDuty and the like missing potential lateral movement and backdoor establishment attempts, especially from advanced actors. I'm given to understand that an AWS architect had himself, mentioned this with examples in a conference recently.
I'm in the process of trying to source the material from the AWS presentation but in the meantime, I'm curious to hear more on the specifics and understand the scope of these so-called gaps. Has anyone in the group heard anything to this end, or perhaps is familiar with the presentation in question?
If so, please reach out for a discussion. Many thanks.
Dr Raghavan
LinkedIn: https://www.linkedin.com/in/sriramraghavan/
------------------------------
Sriram Raghavan
Telstra
Telstra
------------------------------