DSC Italy is excited to announce an upcoming event featuring Alessandro Braccio, DSC Italy Chapter Leader, and Alessandro Brucato, Senior Threat Research Engeneer, as speakers. Join us for an insightful session where we will delve into the SCARLETEEL operation, a relentless threat first uncovered by the Sysdig Threat Research Team in February 2023. SCARLETEEL is a formidable adversary, constantly evolving its strategies to extract sensitive data and intellectual assets from AWS cloud environments. During this talk, we will examine real-world examples of SCARLETEEL’s infiltration into an unsuspecting victim’s AWS account through a compromised Kubernetes container.
Additionally, we will explore the security landscape surrounding various AWS technologies, including Elastic Compute Cloud (EC2), Identity and Access Management (IAM), Lambda serverless functions, and their Terraform Infrastructure as Code (IaC) modules. Our aim is to provide invaluable defensive insights for each of these technologies, equipping you with the knowledge to fortify your defenses and thwart similar attacks in the future.
Event Details:
Speaker 1:
Name: Alessandro Braccio
Bio: Alessandro Braccio is passionate about Product Security, in particular focus on the Application and Cloud Security field. His interests and expertise stem from DevSecOps, Cloud Security, IoT Security, OWASP Methodologies, Full-Stack Development and more! Over the last decade, he has worked as a Security Consultant, Security Engineer, Penetration Tester, Security Trainer and Full Stack Developer in a variety of companies and sectors. Currently, Alessandro works as a Senior Security Engineer at Arduino
Speaker 2:
Name: Alessandro Brucato
Bio: Alessandro is a threat research engineer at Sysdig with a background in penetration testing of web and mobile applications. His research includes cloud and container security, with a specific focus on supply chain attacks and cloud platform exploitation. While studying computer science and engineering at Politecnico di Milano, he participated in some bug bounty programs where he received rewards from several large companies. Alessandro is also a contributor to Falco, an incubation-level CNCF project.
Date: 11th October, 2023
Time: 6:30pm CEST
Location: Virtual
Join the Community!
If you haven’t joined the Discord community, please do so! You can find us on Discord at: https://devseccon.io/discordcommunity
Don’t miss this opportunity to gain valuable insights into the ever-evolving world of AWS security from Alessandro Braccio and Alessandro Brucato. Join us for an engaging and informative event that promises to enhance your knowledge and strengthen your defenses against cybersecurity threats.
