accent 1 accent 2
CPE Webinar

Cross-Cloud Hacking: Stealing Salesforce Data via GitHub & Slack

Thurs, 25 November | 11:00 am GMT

Watch an attacker exploit a user’s personal Gmail account to gain access to a corporate GitHub repo and move laterally through Slack to Salesforce, stealing highly confidential customer data.

We’ll show you exactly how this attack is performed, then highlight how DatAdvantage Cloud makes it easier to see and prevent cross-cloud attacks.

It'll be recorded. So if you can't make it, register and we'll send you the replay. 

+1 CPE

Register Now

Here's an outline of how this attack works:

  • Our attacker bypasses MFA in GitHub using an advanced phishing technique
  • Uses recon tools to find secrets inside a private GitHub repository
  • Discovers code for a webhook that contains Slack credentials
  • Compromises Slack, which has integration access to Salesforce
  • Installs a rogue Salesforce app which can access and steal critical customer data

After the simulation, our Incident Response team will use DatAdvantage Cloud to show how our proactive policies and cross-cloud investigation features can detect and prevent this type of attack.

Mohammed Abdullahi-1
Mohammed Abdullahi Engineer, Varonis

For the last 7 years, Mo has worked with a number of customers in the UK, spanning a variety of industries, sizes, and sectors, helping them to solve common challenges and realize value from the Varonis Security platform.

The first 100 people to register will have a chance to win a €100 gift card of their choice! (or the £ equivalent) A few of the exciting choices include, but are not limited to...

nike logo-1

“The level of governance and insight provided by Varonis empowered our team to detect and respond to abnormalities as well as user activity and misconfigurations.”

Al Faella, CTO, Prospect Capital Management

Want to see Varonis in action?