Hacking the Cloud: Play-by-play attack on GitHub, SSO, and Salesforce

About this session

On-demand | Replay

How secure is your Salesforce data? Security Architect Ed Lin is about to find out.

Watch Ed walk you through how an attacker can use simple security tools, API calls, and scripting to steal Salesforce data.

Posing as the threat actor, he’ll discover secrets through a public GitHub repo and use those findings to impersonate a user in Okta. From there, Ed will escalate his privileges in Salesforce to find and exfiltrate sensitive data in the app.

Join us to see the attack unfold in real time and learn how to detect and defend against it every step of the way.

During this Attack Sims, we will:

Simulate a cloud attack from start to finish, focusing on the tactics used
Show you when you should be suspicious of a similar breach
Demonstrate how Varonis helps you detect and defend against this type of attack

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

Ed Lin

Ed Lin is a Security Architect on Varonis’ Incident Response team. Since joining the IR team, Ed has helped customers integrate Varonis into their security ecosystems so that they can effectively detect and respond to cyber threats. Ed has a cybersecurity analyst background working with both cloud and on-prem environments, with a focus in incident response and data protection. Outside of cybersecurity, Ed enjoys skateboarding, playing guitar, and spending time outdoors.

Hacking the Cloud: Play-by-play attack on GitHub, SSO, and Salesforce

Watch now

About this session

On-demand | Replay

Register now

Hacking the Cloud:
Play-by-play attack on GitHub, SSO, and Salesforce