About this session
-I enjoy hacker films as much as the next bloke. Who doesn’t love a flashy NSA login page and some exciting terminal colour schemes? -They always forget one thing, however; successful attacks are more like a game of chess with small actions orchestrated together, each bug, CVE and misconfiguration allows another successful move towards checkmate! -In this session, we’ll use examples from our own research, highlighting potential attacker kill chains combining minor IaC misconfigurations in dangerous but preventable combinations with known CVE’s. We will also take a look, from a defender’s perspective, providing actionable takeaways your DevOps teams can start doing today to turn your security posture up to eleven.