For years and years, network pen-testers have owned companies and networks with playbooks written in the 90's. With a good mix of footprinting, scripting and unexpected interdependence, even moderately skilled attackers have been able to reign supreme without ever needing a 0day. How does this change as organizations slip more and more into the cloud? What do rootkits look like & what does lateral movement mean when its between different SaaS products? While we have seen point attacks on cloud vendors there hasn't been enough attention paid to the interdependence of these systems and we have seen precious little on pivoting through or defending these setups. This talk attempts to update those playbooks from the 90's for both red and blue teamers.
Haroon Meer is the founder of Thinkst, the company behind the awesome Thinkst Canary. Haroon has contributed to several books on information security and has published a number of papers and tools on various topics related to the field. Over the past decade (and a half) he has delivered research, talks, and keynotes at conferences around the world.
Marco Slaviero is the lead researcher at Thinkst. Marco has presented research at conferences all over the world on topics ranging from timing attacks to python shellcode. He is rumoured to harbor a personal dislike for figs.