Program

/

CODE BLUE 2024

Time Table

From Snowflake to Snowstorm:Navigating Breaches and Detections

DAY 2

16:00-16:40

Recently, the Snowflake Campaign has emerged as a significant security incident, exposing sensitive data of over 165 customers.

This breach has highlighted critical problems in cloud data platforms and underscored the need for robust security measures. In this talk, we will dissect how we learned of the Snowflake Campaign, exploring how the attackers gained access, how they could exfiltrate information, and the steps organizations can take to mitigate such threats. Attendees will gain insights into the anatomy of the breach, the importance of Cloud and SaaS visibility in identifying and responding to such incidents, and practical detection strategies to enhance their cloud security capabilities.

Notably, we were the first to go public with this breach, emphasizing the critical need for timely and transparent communication in the cybersecurity community. This session will provide attendees with actionable detection suggestions, essential for security professionals seeking to understand the new and evolving landscape of SaaS security threats and how to defend against them.

  • Location :

    • Track 1(HALL B)

  • Category :

    • CyberCrime

  • Share :

Speakers

  • ロエイ・シャーマン の写真

    Roei Sherman

    ロエイ・シャーマン

    Roei Sherman is the Field CTO at Mitiga, a leading Cloud Incident Response company, where he leverages his extensive expertise in cybersecurity to drive innovation and guide strategic initiatives. With over a decade of experience in adversarial cybersecurity roles, Roei specializes in Red Team operations, utilizing an adversarial mindset and guerrilla tactics to enhance defensive strategies across various security engagements, including training, lectures, and consulting.
    Roei's career began in the Field Intelligence unit of the IDF, where he continues to serve in the Reserves. He has held significant positions at AB InBev as Global Director of Offensive Services and as an information security consultant and Red Team leader for EY Israel. His technical acumen encompasses red team engagements, cloud security, social engineering, physical security, deception, and incident response.
    Roei is known for his ability to think like an attacker, providing invaluable insights and strategies for robust cybersecurity defenses. His contributions to the field have made him a sought-after speaker and consultant, helping organizations strengthen their security posture against evolving threats.