Hello Vic - taking a shortcut here . I am looking for "threats" to GCP and AWS services that provide identity and login management similar to "Azure AD" from MS. I am taking the collection in the direction of techniques used by Pen testing and Red teaming folks but wanted to check with this forum for any specifics.
Please respond if you can to: [email protected]
------------------------------
Nathan Weilbacher
Manager
Capital One
------------------------------
Original Message:
Sent: Apr 11, 2024 10:31:31 AM
From: Vic Hargrave
Subject: Top Threats Meeting Minutes 2024-04-11
Discussion Topics 2024-04-11
- Michael posted the new publication schedule in the working document.
- The tentative publication date is 2024-06-18, but that is subject to change based on the authors' availability to write.
- Vic discussed the formats of the sections, specifically the Business Impacts session.
- We discussed whether we should use a bulleted list of points in this section or write more narrative.
- Jon-Michael indicated that the bulleted approach may appeal to the CSA organization.
- Alex and Steve advocated for a more hybrid approach that combines narrative with bullet points.
- Vic briefly reviewed the Top Threats survey results.
- Alex welcomed new members to the group and discussed:
- The general mission of the group.
- Publications we have done in the past.
- Our general publication candence.
- How the Top Threats surveys work.
- The format/content of the upcoming publication and where we need help.
- Everybody is on-board with their Top Threats topics.
- We still need an author for Accidental Data Disclosure..
- Next meeting April 25
------------------------------
Vic Hargrave
Cybersecurity Analytics Engr.
Everfox
+1-650-430-3356
[email protected]
------------------------------