BSidesSATX 2023

Accidentally Exposed - Classifying Publicly Exposed Cloud Files
2023-06-10, 16:00–16:25, Track 2 (Moody Rm 101)

Join this talk, for a technical deep dive into the analysis and classification of publicly exposed files in cloud buckets and how those buckets get exposed in the first place.

Out of the over 300 million files Laminar has scanned and classified, there are some mind-boggling things out there, like financial data, personal information, and business secrets that are unknown, unprotected, and publicly exposed for anybody to see. During this session, we’ll share our discoveries as well as dive into the technical aspects of the best way to analyze, prioritize, and classify data in the cloud.

The lessons you’ll learn:

Technical techniques and tips to find and classify sensitive data in the cloud

How data stored in cloud object storage can become accidentally exposed to the public

How to ensure sure these mistakes don’t happen to your organization

Michael is a Solutions Engineer at Laminar and has been in security for about 20 years now. Michael started out in the U.S. Army as a network administrator for 8 years and is a veteran of the Iraqi Freedom campaign. He is excited to be working on data security in the cloud, but also has a deep background in SIEM and DLP (network, host, CASB, DSPM).