Play

In this conversation, Carlos Perez and Edwin David discuss the Midnight Blizzard hack of Microsoft and the challenges of securing cloud environments. They explore the rise of perimeter attacks against devices in the cloud and the need for organizations to adapt and secure people and devices in a hybrid work environment. The conversation delves into the specifics of the Microsoft hack, including the use of password spraying as an attack technique and the importance of logging and log analysis in cloud environments. They also emphasize the value of assessments, assumed breach testing, and continuous learning in cloud security.

Takeaways:

• Perimeter attacks against devices in the cloud have increased due to the shift to remote work and the adoption of cloud services.
• Securing people and devices in a hybrid work environment requires a comprehensive approach that includes conditional access policies, MFA, and continuous monitoring.
• Assessments and assumed breach testing are crucial for identifying and addressing security vulnerabilities in cloud environments.
• Logging and log analysis play a critical role in detecting and responding to security incidents in the cloud.