The top 10 cloud security fails and how to avoid them: usd AG gives presentation at CloudLand 2023

5. April 2023

From June 20 until June 23, 2023, the second edition of the German-speaking "CloudLand“ festival of the German-speaking Cloud Native Community (DCNC) (in german) will take place at Phantasialand, and is actively designed by international community experts. The community festival will focus on container & cloud technologies, microservices & domain-driven design, DevOps & methodology and CI/CD & automation.

Dr. Kai Schubert, Managing Security Consultant at usd AG, and Phillip Ansorge, Senior Security Consultant at usd AG, have been conducting cloud security audits for years and will be on stage on June 21 as part of their expert talk "The Top 10 Cloud Security Fails and How to Avoid Them."

In the expert talk, they will share and discuss their experiences and best practices on cloud services configurations. What are the most common and important configuration errors on AWS, Azure and GCP? How can they be avoided? They provide practical tips and insights into their approach along with tools. After all, with this knowledge, vulnerabilities can be avoided and thus the next audit will bring fewer findings.

Dr. Kai Schubert is happy about the acceptance of the lecture: "The festival is a great opportunity for us to point out a still underestimated topic in front of a large professional audience as well as to raise more awareness for security in the Cloud"

Also interesting:

PCI DSS v4.0: INFI Worksheet Discontinued

PCI DSS v4.0: INFI Worksheet Discontinued

The Payment Card Industry Security Standards Council (PCI SSC) announced it is discontinuing the Items Noted for Improvement (INFI) Worksheet. INFI, a template for documenting items for improvement, had been introduced with PCI DSS v4.0. Effective immediately, QSAs...

The Surprising Complexity of Finding Known Vulnerabilities

The Surprising Complexity of Finding Known Vulnerabilities

IT security professionals need an efficient and reliable solution for identifying known vulnerabilities in a software product, given its name and version. Our colleagues at usd HeroLab place high demands on such a solution. They evaluated several available solutions...

Categories

Categories