How attackers exploit identity gaps to get into your cloud and SaaS – Paul Nguyen – ESW #401
You might know them from their excellent research work on groups like Scattered Spider, or their refreshing branding/marketing style, but Permiso is laying some impressive groundwork for understanding and defending against identity and cloud-based attacks. In this interview, we talk with co-founder and co-CEO Paul Nguyen about understanding the threats against some of cybercriminals' favorite attack surface, insider threats, and non-human identity compromise.
Segment Resources:
- This blog post from our threat research team on Scattered Spider shows how threat actors move laterally in an environment across identity providers, Iaas, PaaS and SaaS environments, and how this lateral movement ultimately creates blind spots for many security teams
- This great talk by Ian Ahl, from fwd:cloudsec 2024, touches on a lot of great TTPs used by attackers in IDPs and in the cloud
- Another blog, When AI Gets Hijacked: Exploiting Hosted Models for Dark Roleplaying
- and another, What Security Teams Can Learn From The Rippling/Deel Lawsuit: Intent Lies in Search Logs
Announcements
I'll be running an panelcast with Fastly, titled Security Without Speed Bumps: Using WAF Simulator to Transform DevSecOps Workflows. Join me for this exciting webcast on April 16th. To register for this panelcast, go to securityweekly.com/WAF
Guest
Paul Nguyen is the Co-founder and Co-CEO of Permiso Security, an identity security startup helping security teams detect and protect against human and non-human identity threats. Prior to Permiso, he founded Invotas, a pioneer in security orchestration, which was subsequently acquired by FireEye. At FireEye, Nguyen served as the Senior Vice President of Product Strategy and Product Management.
With over 25 years of experience in the cybersecurity industry, Nguyen began his career as a white hat hacker at @stake (later acquired by Symantec) and Neohapsis (acquired by Cisco).
Nguyen co-founded Permiso Security in 2020, aiming to simplify identity security and help teams monitor suspicious and malicious activity of the identities in their environment. Permiso was named a finalist in two categories for the SC Awards in 2024 in the Most Promising Early Stage Startup and Best Threat Detection Technology categories. In 2022, they were named a SINET16 Innovator Award winner.
