Based in not-so-sunny Manchester, UK, Matt leads developer relations at Bridgecrew. Whether he’s writing articles, giving talks, or shipping new features, Matt is passionate about helping DevOps teams simplify, automate, and improve their infrastructure security.
I enjoy hacker films as much as the next bloke. Who doesn’t love a flashy NSA login page and some exciting terminal colour schemes!? The one thing they always forget, however, is that successful attacks are more like chess wherein lots of moves (bugs, CVEs, and misconfigurations) are orchestrated together for a checkmate! In this session, we’ll use examples from our own research, highlighting potential attacker kill chains combining minor IaC misconfigurations in dangerous but preventable combinations with known CVE’s. We will also take a look, from a defender’s perspective, providing actionable takeaways your DevOps teams can start doing *today* to turn your security posture up to eleven.
