超越姿态管理：阻止 AWS 中的数据泄露（由 Varonis 赞助）.pdf

1、 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Beyond Posture Management:Stopping Data Breaches in AWSBrian Vecci Varonis Field CTOS E C 2 0 9-S 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.

2、Attackers arent breaking in,theyre logging in.of data breaches involve stolen credentialsSource:Verizon DBIR88%2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Login with stolen credentials.Steal&encrypt critical data.Exploit the blast radius.Dwell time:194 days 2025,Amazon Web Ser

3、vices,Inc.or its affiliates.All rights reserved.Ransomware targeting S3 bucketsNo way to recover data once encryptedDoes not exploit any AWS vulnerability Relies on an unauthorized user obtaining an AWS customers account credentialsCodefinger AWS Ransomware 2025,Amazon Web Services,Inc.or its affili

4、ates.All rights reserved.Malware hosted in GitHub disguised as video game cracks McAfeeSpike in infostealer malware found in Outlook and Gmail VIPREThousands of WordPress sites hijacked to distribute infostealer malware c/sideInfostealer Malware on the Rise 2025,Amazon Web Services,Inc.or its affili

5、ates.All rights reserved.Its all about the data.DATAPhishingSupply chainAPTsRansomwareInsiders 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.DSPM&CSPM arent enough.Cant detect changes in authorization or accessNo identity protectionCant detect lateral movement Cant detect abnorm

6、al behaviorNo activity or cross-platform mappingNo user behavioral analyticCant detect active threats and insider attacks No data-centric threat detection 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.DSPM&CSPM arent enoughNo identity protectionCant detect changes in authorizati