eBooks & Reports

Threat Stack Cloud Security Use Case Playbook

Issue link: https://resources.threatstack.com/i/871280

Contents of this Issue

Navigation

Page 1 of 25

i CLOUD SECURITY USE CASES PLAYBOOK • TABLE Of COnTEnTS TABLE Of COnTEnTS Introduc on . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Trust But Verify . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1.1 Insider Threats Unauthorized Package Installs Security Tools in Produc on Environments New Users Added To / Deleted From Workloads Permission Changes on Files 1.2 Escala on of Privileges User Privilege Escala ons 1.3 User Access Into Cloud Environments Non-Jump Host Logins Shared Account Usage for Access 1.4 Data Exfiltra on File Transfers To / From Produc on Environments Viewing and Manually Edi ng Files Network Connec on Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.1 Outbound Connec ons Outbound Connec on Tracking Outbound Interac on With Known-Bad Actors 2.2 Inbound Connec ons Inbound Interac on With Known-Bad Actors Host Level Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3.1 File Integrity Monitoring Opera ng System Directory Modifica ons 3.2 System Monitoring Insecure Port and Protocol Usage 1 2 11 14 1 2 3

Articles in this issue

view archives of eBooks & Reports - Threat Stack Cloud Security Use Case Playbook