阻止 OCI 及其他平台上的多域安全漏洞 [THR3886].pdf

1、 CROWDSTRIKE,INC.ALL RIGHTS RESERVED.|CROWDSTRIKE CONFIDENTIAL/PROPRIETARY INFORMATION CROWDSTRIKE,INC.ALL RIGHTS RESERVED.|CROWDSTRIKE CONFIDENTIAL/PROPRIETARY INFORMATIONStopping Multi-Domain Breaches on OCI and Beyond CROWDSTRIKE,INC.ALL RIGHTS RESERVED.|CROWDSTRIKE CONFIDENTIAL/PROPRIETARY INFOR

2、MATION CROWDSTRIKE,INC.ALL RIGHTS RESERVED.|CROWDSTRIKE CONFIDENTIAL/PROPRIETARY INFORMATIONEvan StonerStaff Solution ArchitectCrowdStrike CROWDSTRIKE,INC.ALL RIGHTS RESERVED.|CROWDSTRIKE CONFIDENTIAL/PROPRIETARY INFORMATION0102The Cloud Threat LandscapeCrowdStrike and Oracle Cloud Working TogetherA

3、genda CROWDSTRIKE,INC.ALL RIGHTS RESERVED.|CROWDSTRIKE CONFIDENTIAL/PROPRIETARY INFORMATIONWant to know whycloud security matters?CROWDSTRIKE,INC.ALL RIGHTS RESERVED.|CROWDSTRIKE CONFIDENTIAL/PROPRIETARY INFORMATIONCloud is the new battleground for adversariesCloud intrusions have surged 136%in the

4、first half of 2025 compared to all of 2024.CrowdStrike 2025 Threat Hunting ReportCross-domain attacksstart with endpoint and endwith cloud compromiseSCATTERED SPIDEREndpointIdentityCloud CROWDSTRIKE,INC.ALL RIGHTS RESERVED.|CROWDSTRIKE CONFIDENTIAL/PROPRIETARY INFORMATIONLABYRINTH CHOLLIMAModern Adv

5、ersary Cloud AttackINITIAL ACCESSIdentityAdversary acquired remote desktop credentials on dark webPRIVILEGE ESCALATIONCloudPrivileged policy and access keys added tonew userLATERAL MOVEMENTCloudValid credentials used to gain access to cloud control planeCROSS-DOMAIN ATTACKDISCOVERYEndpointMalware de

6、ployed and cloud credentials discoveredDATA COLLECTIONCloudData accessed,exfiltrated,and deleted;resources hijacked CROWDSTRIKE,INC.ALL RIGHTS RESERVED.|CROWDSTRIKE CONFIDENTIAL/PROPRIETARY INFORMATIONSiloed Tools Make It ChallengingSaaSApplications(SSPM)Custom Applications(ASPM)Infra(CSPM)Data(DSPM