We are excited to have William Bengtson, VP of Security Engineering and Operations at HashiCorp, join us for our second episode of Cloud Tales! On Thursday 7/25, he will be joining Paul Nguyen and Jason Martin to talk about his journey as a cloud hero, challenges and obstacles he's faced along the way, and his career growth from a Technical Lead at HP to leading HashiCorp's security engineering team. https://lnkd.in/etQ9QPn3
Permiso Security
Computer and Network Security
Palo Alto, CA 4,433 followers
Turning Cloud Zeroes to Cloud Heroes!!
About us
Permiso Security provides comprehensive identity protection and detection for human and non-human identity threats at all stages of the identity lifecycle, across all environments. The company is backed by Altimeter Capital, Point72, Foundation Capital, Work-Bench, 11.2 Capital and Rain Capital.
- Website
-
http://permiso.io
External link for Permiso Security
- Industry
- Computer and Network Security
- Company size
- 51-200 employees
- Headquarters
- Palo Alto, CA
- Type
- Privately Held
- Founded
- 2020
- Specialties
- Identity Threat Detection & Response, Cloud Detection & Response, Incident Response, Identity Attack Surface Management, Cyber Risk Visibility & Monitoring, Non-Human Identity Security, Account Takeover Protection, Insider Threat, Credential Compromise, Threat Hunting, Security Operations, and Identity Security Posture Management
Locations
-
Primary
Palo Alto, CA, US
Employees at Permiso Security
-
Jason Martin
-
Silvio P.
Chief Revenue Officer | Advisor | Board Member | Eventer | Former Federal Agent | Stevens Alumni
-
Sanjeev Williams
Product Leader | Cybersecurity and Technology Executive
-
Jared Elder
Cloud Security Enthusiast - Marketing at Permiso | 3 exits as VP of Marketing | Carnegie Mellon Alum
Updates
-
Listen to Jason Chan's renowned 'Guardrails, not speed bumps or gates' approach to cloud security in our most recent episode of Cloud Tales. Full episode in the comments https://lnkd.in/eZbmtQ8U
Jason Chan's 'Guardrails, not speed bumps or gates' approach to cloud security
https://www.youtube.com/
-
We're back with another blog post in our series covering techniques in the MITRE ATT&CK Matrix! This time we're tackling Credential Access - Secrets from Password Stores. We walk through real-world applications as well as detection and mitigation strategies. https://lnkd.in/e-Eem9uq
Exploiting Cloud Secrets Management Repositories: Adversary Tactics and Mitigation Strategies
permiso.io
-
Jason Chan talks to Paul Nguyen and Jason Martin about why identity is so important to cloud security. https://lnkd.in/eDhcApUJ
Why identity is a critical component to cloud security
https://www.youtube.com/
-
Permiso Security reposted this
Last week, I had the privilege of speaking at fwd:cloudsec for the second year in a row. fwd:cloudsec is a fantastic conference that brings together like-minded cloud security researchers, engineers, and enthusiasts. This year, I reviewed Azure Activity logs, their complexities, how to analyze them, and how to make that analysis easier, ensuring more confidence in your detections. Catch my session here: https://lnkd.in/gStacR6Z I've also released a convenient tool I will continue to update which utilizes the concepts: https://lnkd.in/gECdSTKn Looking forward to discussing this topic again in September at Blue Team Con, complete with tool updates! #CloudSecurity #Azure #fwdcloudsec
GitHub - Permiso-io-tools/azure-activity-log-axe: Azure Activity Log Axe is a continually developing tool that simplifies the transactional log format provided by Microsoft. The tool leverages the "Axe Key," a method created by Nathan Eades of the Permiso P0 Labs team. The Axe Key provides a more consistent grouping of the transactional events of an operation than the traditional built-in Ids.
github.com
-
In our first episode of Cloud Tales, Jason Chan talks through how the Netflix security team built and open-sourced some of their cloud security tooling. Full episode in the comments! https://lnkd.in/eax_VvaM
Cloud Tales featuring Jason Chan - How Netflix built and open-sourced tools to secure their cloud
https://www.youtube.com/
-
It was a ton of fun having cloud security legend Jason Chan join me and my partner in fighting cloud crime Paul Nguyen to discuss lessons learned and advice for teams trying to secure organizations in a fast paced world. 🚨 Spoiler Alert: Jason seamlessly transitions into dad jokes like a boss.
In our first episode of Cloud Tales last week, hear Jason Chan as he talks about Netflix's journey in their migration to the cloud. Full episode in the comments! https://lnkd.in/efQrHhiw
Cloud Tales featuring Jason Chan - Netflix's journey from on premise to the cloud
https://www.youtube.com/
-
In our first episode of Cloud Tales last week, hear Jason Chan as he talks about Netflix's journey in their migration to the cloud. Full episode in the comments! https://lnkd.in/efQrHhiw
Cloud Tales featuring Jason Chan - Netflix's journey from on premise to the cloud
https://www.youtube.com/
-
If you missed Ian Ahl at fwd:cloudsec, check out his talk on LUCR-3 (#ScatteredSpider) while also engaging the audience through a good old fashioned game of bingo.
Had the opportunity to speak at my favorite conference fwd:cloudsec about one of my favorite topics; How LUCR-3 (#ScatteredSpider) operates in #cloud, #saas, and #identity. Watch the talk to learn about their #TTPs! https://lnkd.in/eJt6CXNp
LUCR-3: Cloud Clepto & SaaS-y Scattered Spider Shenanigans - Ian Ahl
https://www.youtube.com/
-
Way to go Abian M. !
Thrilled to announce that my proposals for SANS Institute and Blue Team Con have been accepted! I'll be presenting "Cloud Kleptos: Lessons Learned Responding To Scattered Spider." A heartfelt thanks to Permiso Security and especially to my manager, Daniel Bohannon, for their support. As I navigate through the visa process, I'm hopeful everything will be settled soon so I can focus more on crafting some cool slides for my first conferences. 🔗 Check out the full agendas here: SANS DFIR Summit 2024 - https://lnkd.in/gCV_T7Za Blue Team Con 2024 - https://lnkd.in/g-tbzyys I look forward to connecting with fellow professionals at the events!
DFIR Summit & Training 2024
sans.org