Top Threats

  • 1.  Top Threats Meeting Minutes 2024-04-11

    Posted Apr 11, 2024 10:32:00 AM
    Edited by Vic Hargrave Apr 11, 2024 02:27:47 PM

    Discussion Topics 2024-04-11

    • Michael posted the new publication schedule in the working document.
    • The tentative publication date is 2024-06-18, but that is subject to change based on the authors' availability to write.
    • Vic discussed the formats of the sections, specifically the Business Impacts session. 
    • We discussed whether we should use a bulleted list of points in this section or write more narrative.
      • Jon-Michael indicated that the bulleted approach may appeal to the CSA organization.
      • Alex and Steve advocated for a more hybrid approach that combines narrative with bullet points.
    • Vic briefly reviewed the Top Threats survey results.
    • Alex welcomed new members to the group and discussed:
      • The general mission of the group.
      • Publications we have done in the past.
      • Our general publication candence.
      • How the Top Threats surveys work.
      • The format/content of the upcoming publication  and where we need help. 
    • Everybody is on-board with their Top Threats topics.
    • We still need an author for Accidental Data Disclosure..
    • Next meeting April 25

    Vic Hargrave
    Cybersecurity Analytics Engr.
    [email protected]

  • 2.  RE: Top Threats Meeting Minutes 2024-04-11

    Posted Apr 15, 2024 05:54:00 AM

    Hello Vic - taking a shortcut here . I am looking for "threats" to GCP and AWS services that provide identity and login management similar to "Azure AD" from MS. I am taking the collection in the direction of techniques used by Pen testing and Red teaming folks but wanted to check with this forum for any specifics. 
    Please respond if you can to: [email protected]

    Nathan Weilbacher
    Capital One