Rootconf Mini 2024

In this session, I will present a detailed roadmap for initiating Breach & Attack Simulations (BAS) in cloud environments, with a particular focus on AWS. I will define what BAS is, what problem statement it solves, various use cases for AWS environment, and where & how BAS fits in the entire lifecycle of Security Operations (SecOps).

We will look at how do we deploy BAS architecture for AWS environment, discuss the challenges that may arise during implementation and offer solutions to effectively address these obstacles. There will also be a demo on simulated breach, assuming attacker has already some level of access in your AWS environment using compromised credentials.

We will also look at how do we simulate micro tests that mimic attacker’s behaviour, look at how do we detect them in logs, and configure detections to identify such potential behaviours.

Takeaways from the Session: Participants will gain practical knowledge and step-by-step guidance on setting up BAS infrastructure, and simulate attacks within AWS environment.

Beneficial Audience Segment: This session is designed to benefit cloud security professionals, SecOps teams, security architects, and any stakeholders involved in enhancing their organization’s cybersecurity defenses through the deployment of Breach & Attack Simulations.