accent 1 accent 2
CPE Webinar Replay

Cross-Cloud Hacking: Stealing Salesforce Data via GitHub & Slack


Watch an attacker exploit a user’s personal Gmail account to gain access to a corporate GitHub repo and move laterally through Slack to Salesforce, stealing highly confidential customer data.

We’ll show you exactly how this attack is performed, then highlight how DatAdvantage Cloud makes it easier to see and prevent cross-cloud attacks.


Watch Now

Here's an outline of how this attack works:

  • Our attacker bypasses MFA in GitHub using an advanced phishing technique
  • Uses recon tools to find secrets inside a private GitHub repository
  • Discovers code for a webhook that contains Slack credentials
  • Compromises Slack, which has integration access to Salesforce
  • Installs a rogue Salesforce app which can access and steal critical customer data

After the simulation, our Incident Response team will use DatAdvantage Cloud to show how our proactive policies and cross-cloud investigation features can detect and prevent this type of attack.

Ryan OBoyle
Ryan O'Boyle Sr. Manager Cloud Architecture & Operations, Varonis

Ryan O’Boyle, GCIH is the Sr. Manager of Cloud Architecture & Operations at Varonis. Ryan has an engineering background with experience in IT infrastructure, Incident Response, and Data Protection. Varonis’ team of security professionals provide complementary Incident Response services to all existing customers. In addition, they work with customers to operationalize the Varonis Data Security Platform and integrate Varonis into the security ecosystem.

“The level of governance and insight provided by Varonis empowered our team to detect and respond to abnormalities as well as user activity and misconfigurations.”

Al Faella, CTO, Prospect Capital Management

Want to see Varonis in action?