How to Secure Cloud Machine Identities
Komal Dhull, Nathan Brahms
BSidesSF 2024 · Day 1
This technical article covers the critical and often overlooked domain of securing **cloud machine identities**. Presented by Komal Dhull, a Founding Backend Engineer, and Nathan Brahms, Co-founder and VP of Engineering at Plerion Security, the talk highlights the escalating challenges of managing and protecting the identities used by services within cloud environments. As organizations increasingly adopt cloud-native architectures, the sheer volume of these machine identities and the sensitive access they hold present a significant attack surface that demands dedicated security attention.
AI review
This talk provides a practical, hands-on guide to securing cloud machine identities in AWS and GCP. It effectively highlights the dangers of long-lived credentials and excessive privileges through clear examples, offering concrete mitigation strategies using native cloud features and open-source tools. While the core security principles aren't new, their specific application and implementation details for cloud environments make this a valuable session for security practitioners looking to harden their infrastructure.