The company recently discovered an information security incident. Our R&D data stored in AWS S3 was disclosed on multiple forums.After investigation, it was found that the reason was that a colleague of our company accidentally uploaded the S3 cloud to improve work efficiency. Access is set to public. This resulted in the leakage of confidential information. In addition, because the EC2 in the cloud has not patched the vulnerability, hackers were able to take advantage of it, further exacerbating the security disaster.

Are these news making you hesitant to use the cloud？

Although the cloud has become a trend in the world and its advantages are obvious, threats can also be seen everywhere.

Challenges faced by security personnel in the cloud：

1. Not familiar with the cloud environment, and cannot fully understand the relevant security settings and regulations.
2. Cloud components and services are used too widely, making it impossible to fully understand service security.

This agenda will share how security personnel can manage cloud security more effectively and securely in a complex cloud environment.

This is an advanced course. It will guide participants through the process of digital forensics investigation and teach them to use relevant tools for analysis. In the initial phase, participants will be hands-on with the tools and become familiar with their usage and investigative aspects. In the latter part of the course, past CTF competition cases will be provided, and the solving process and technical details will be analyzed in depth, aiming to cultivate participants' practical experience and skills in digital forensics and enhance their investigative abilities, thereby providing valuable support for organizational cybersecurity defenses.

Today, enterprises are facing increasingly complex and serious security challenges. People will connect to corporate networks, cloud databases or various applications from various locations and using various devices. This also makes it easier for hackers to impersonate corporate employees. or certified third parties to carry out targeted attacks such as data theft or encryption and ransomware. Simply relying on traditional firewalls, VPNs and other network security protections is no longer able to cope with evolving threats and attacks. Enterprises can no longer assume that pre-verified or trusted devices and user identities are safe.

In the face of a complex and frequently changing workplace, "zero trust" is an important strategy to strengthen the security of critical data and critical systems. Compared with traditional information security architecture, this is a more advanced, flexible and effective information security method. More and more organizations are turning to Zero Trust Secure Access (ZTSA) architecture. This architecture assumes that both internal and external networks are not trustworthy and takes appropriate security measures to ensure the safety of data and assets.

This agenda will share and implement how to use Zero Trust Secure Access to help enterprises implement a zero-trust architecture and protect their data and assets based on information security priority judgment and zero-trust automated access control.

This is an advanced course. It will guide participants through the process of digital forensics investigation and teach them to use relevant tools for analysis. In the initial phase, participants will be hands-on with the tools and become familiar with their usage and investigative aspects. In the latter part of the course, past CTF competition cases will be provided, and the solving process and technical details will be analyzed in depth, aiming to cultivate participants' practical experience and skills in digital forensics and enhance their investigative abilities, thereby providing valuable support for organizational cybersecurity defenses.