The Non-Human Identity Attack Surface: Understand It, Attack It, Defend It

When: Dec 12, 2024 from 05:30:00 PM to 08:00:00 PM (ET)
  • To join in-person: Red Hat tower (100 E Davie St, Raleigh, NC 27601)
  • To join remotely: https://us06web.zoom.us/j/3775705632
  • Agenda:
    • 5:30 pm - 6:30 pm ET: Arrival, Food, Drinks and Networking (sponsored by Astrix Security & CSA)
    • 6:30 pm - 7:30 pm ET: Presentation (details below)
    • 7:30 pm - 8:00 pm ET: Food, Drinks and Networking (sponsored by Astrix Security & CSA)

Abstract/Summary: The proliferation of non-human identities (NHIs) – APIs, service accounts, tokens, and keys – has introduced a vast and often underestimated attack surface. This talk unveils the hidden dangers of NHIs and equips defenders with the knowledge to combat them.

Content: We'll dive into the expanding landscape of NHIs, exploring how they are used in modern infrastructure (IaaS, SaaS, PaaS, etc.) and the attack vectors they create. Learn how attackers exploit compromised NHIs to escalate privileges, move laterally within environments, and orchestrate devastating supply chain attacks.

Live Hacking Demonstration: Witness the power of NHI compromise firsthand. We'll showcase a captivating live demonstration where we leverage a combination of NHIs (e.g., AWS access keys, Slack tokens, API Keys) to gain privileged access, steal sensitive code, and weaponize a victim's own infrastructure.

Empowering the Defense: We'll conclude by offering actionable strategies for mitigating the NHI attack surface. Learn best practices for securing NHIs, implementing robust access controls, and minimizing the damage from a potential compromise.

Additional notes: The live demo of how attackers leverage tokens and other non-human identities will walk through how attackers identify which kind of key they have found, how they determine what access that NHI grants, and how it can be used to turn the initial victim into a supply chain attack against its own customers, as in the Okta, Cloudflare and Dropbox Sign breaches.
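The first two steps described above, recognising what kind of credential a found string is and knowing which read-only call reveals what it can do, are the same triage a defender runs when a leaked secret is reported. The following Python is an added example, not code from the talk or from Astrix Security. It classifies strings by the publicly documented prefix formats for AWS access key IDs (AKIA long-term, ASIA temporary), Slack tokens (xox?-), GitHub tokens (gh?_) and Google API keys (AIza), redacts them for a ticket, and names the identity call to run next. It never contacts a provider; the sample .env text is constructed, and the AWS key ID in it is AWS's own documented example value.

```python
"""Triage strings that look like non-human-identity credentials.

Added example (not from the talk or from Astrix Security). It answers the
first two questions an attacker or an incident responder asks about a found
secret: what kind of key is this, and what read-only call tells me what it
can do. Nothing here contacts a provider; SAMPLE is constructed input.
"""
import re
from dataclasses import dataclass
from typing import List, Tuple


@dataclass(frozen=True)
class Finding:
    kind: str        # which credential format matched
    redacted: str    # prefix and last 4 chars only, safe to paste in a ticket
    lifetime: str    # what the format itself says about validity
    next_check: str  # the read-only call that establishes the key's access


# Publicly documented credential formats. Prefix meanings:
#   AWS    AKIA = long-term IAM user key, ASIA = temporary STS key
#   Slack  xoxb = bot, xoxp = user, xoxa/xoxs/xoxr = app/session/refresh tokens
#   GitHub ghp = classic PAT, gho = OAuth, ghu/ghs = App user/server, ghr = refresh
#   Google AIza + 35 chars = API key (identifies a project, not a user)
# The AWS *secret* key is 40 base64-ish characters with no prefix; it is not
# matched by shape alone because that would flag far too much.
PATTERNS: List[Tuple[str, "re.Pattern[str]", str]] = [
    ("aws_access_key_id", re.compile(r"\b(?:AKIA|ASIA)[A-Z0-9]{16}\b"),
     "aws sts get-caller-identity, then iam get-user / list-attached-user-policies "
     "(needs the paired secret key; ASIA keys also need the session token)"),
    ("slack_token", re.compile(r"\bxox[abprs]-[A-Za-z0-9-]{10,}\b"),
     "POST https://slack.com/api/auth.test with Authorization: Bearer <token>; "
     "granted scopes are returned in the X-OAuth-Scopes response header"),
    ("github_token", re.compile(r"\bgh[opsur]_[A-Za-z0-9]{36}\b"),
     "GET https://api.github.com/user; granted scopes are in X-OAuth-Scopes"),
    ("google_api_key", re.compile(r"\bAIza[0-9A-Za-z_-]{35}\b"),
     "check the key's API and referrer/IP restrictions in the owning project"),
]


def redact(value: str) -> str:
    """Keep enough to recognise the key in logs, never enough to use it."""
    return value[:4] + "..." + value[-4:] if len(value) > 8 else "****"


def lifetime(kind: str, value: str) -> str:
    """What the format alone tells us about how long the key stays valid."""
    if kind == "aws_access_key_id":
        return ("temporary (STS; expires on its own)" if value.startswith("ASIA")
                else "long-term (valid until rotated or disabled)")
    if value.startswith(("ghr_", "xoxr-")):
        return "refresh token (mints new access tokens until revoked)"
    return "valid until revoked; treat as live"


def triage(text: str) -> List[Finding]:
    """Return one Finding per credential-shaped string, in order of appearance."""
    hits = []
    for kind, pattern, check in PATTERNS:
        for m in pattern.finditer(text):
            value = m.group(0)
            hits.append((m.start(), Finding(kind, redact(value), lifetime(kind, value), check)))
    return [f for _, f in sorted(hits, key=lambda h: h[0])]


# Constructed .env dump. The AWS key ID is AWS's documented example value;
# every other value is made up to match the documented shape only.
SAMPLE = """\
AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
SLACK_BOT_TOKEN=xoxb-000000000000-000000000000-constructedEXAMPLE
GITHUB_TOKEN=ghp_0123456789abcdefghijklmnopqrstuvwxyz
GOOGLE_API_KEY=AIza0123456789abcdefghijklmnopqrstuvwxy
DATABASE_URL=postgres://app:notasecret@localhost/app
"""

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f"{f.kind:18} {f.redacted:14} {f.lifetime}")
        print(f"{'':18} next: {f.next_check}")
```

The lifetime column is the detail that changes priority: an ASIA key found in a log may already be dead, while an AKIA key or a refresh token stays usable until someone disables it. The "next check" column deliberately lists only identity and scope lookups, which is where a defender's triage and an attacker's reconnaissance diverge.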

Speaker Bio: Michael Silva is a technology leader with 17+ years of experience. Presently, Michael is the Director of Solution Engineering at Astrix Security, the pioneers of non-human identity security. Drawing on experience in both technical and customer-facing roles, Michael has developed the ability to relate to customers, understand their pain points, and help define a strategy that maps to successful execution of business requirements.

Before joining Astrix, Michael was part of taking multiple start-ups from their infancy to acquisition. Most recently he was the Technical Director for Lightspin, a CNAPP (Cloud Native Application Protection Platform) vendor that was acquired by Cisco. At Lightspin, Michael designed the technical go-to-market strategy, developed strategic partnerships, and helped grow the business from its inception into the U.S. market. Michael has led a variety of teams, from customer-facing roles at Nutanix and Chef (now part of Progress Software) to technical teams at Cisco and various managed service providers. His knowledge is deeply rooted in public cloud security across all major cloud service providers as well as Kubernetes security.

Aside from professional experience, Michael holds many professional and specialty certifications from AWS, GCP, SANS, and Nutanix, and is a veteran of the U.S. Marine Corps.

Location

Red Hat Tower in Raleigh downtown
100 E. Davie Street
Raleigh, NC 27601