accent 1 accent 2
CPE Cyber Attack Lab #5

Cross-Cloud Hacking: Stealing Salesforce Data via GitHub & Slack

Mon, December 6th | 3:00 pm ET

Watch an attacker exploit a user’s personal Gmail account to gain access to a corporate GitHub repo and move laterally through Slack to Salesforce, stealing highly confidential customer data.

We’ll show you exactly how this attack is performed, then highlight how DatAdvantage Cloud makes it easier to see and prevent cross-cloud attacks.

It'll be recorded. So if you can't make it, register and we'll send you the replay. 

+1 CPE

Register Now

Here's an outline of how the attack works:

  • Our attacker bypasses MFA in GitHub using an advanced phishing technique
  • Uses recon tools to find secrets inside a private GitHub repository
  • Discovers code for a webhook that contains Slack credentials
  • Compromises Slack, which has integration access to Salesforce
  • Installs a rogue Salesforce app which can access and steal critical customer data

After the simulation, our Incident Response team will use DatAdvantage Cloud to show how our proactive policies and cross-cloud investigation features can detect and prevent this type of attack.

Ryan OBoyle
Ryan O'Boyle Senior Manager, Cloud Architecture & Operations, Varonis

Ryan O’Boyle, GCIH is a Team Lead for the Incident Response and Security Architecture team at Varonis. Ryan has an engineering background with experience in IT infrastructure, Incident Response, and Data Protection. Varonis’ team of security professionals provide complementary Incident Response services to all existing customers. In addition, they work with customers to operationalize the Varonis Data Security Platform and integrate Varonis into the security ecosystem.

"A few months ago, a non-HR user opened up an HR folder that contained sensitive employee salary information. With Varonis, I was able to track down the user and review exactly what they had accessed and changed."

Infrastructure Manager, US Federal Credit Union

Want to see Varonis in action?