Focusing on Zero Trust: Security Challenges in Cloud and On-Prem Identity Integration & Single Sign-On (SSO) 

As enterprises accelerate the adoption of Microsoft Authentication and Google Authentication with Multi-Factor Authentication (MFA), authentication mechanisms have improved in both convenience and security. However, these advancements also introduce new security risks. 

Cybercriminals exploit phishing websites and social engineering tactics to steal user credentials, disguising their attack devices as legitimate authentication endpoints. By doing so, they successfully bypass MFA protections and gain unauthorized access to both cloud and on-premises systems. Worse still, they leverage lateral movement techniques to expand their attack reach within corporate networks, further exposing weaknesses in identity verification frameworks. 

This session will provide an in-depth analysis of these evolving threats, the root causes of security risks in current identity authentication models, and the long-term impact on cybersecurity. Attendees will gain critical insights into how these security challenges affect enterprise operations and develop a deeper understanding of the core value of Zero Trust in future security architectures. 

This talk is designed for security professionals and decision-makers interested in cloud integration and security, equipping them with the knowledge to develop comprehensive security strategies for their organizations.

With the rise of AI, digital transformation brings agility but also increases cyber risks fueled by AI-driven threats. Traditional security measures fall short in protecting critical assets. Zero Trust with network micro-segmentation provides a proactive, efficient, and scalable defense.

Key discussion points:

• AI-driven security challenges
• Enhancing resilience with Zero Trust
• Identifying and minimizing risk
• Reducing attack surfaces with micro-segmentation
• Containing ransomware and preventing lateral movement
• Effective response and recovery strategies

In an environment where information security threats are becoming increasingly severe, "Secure by Default" has emerged as a critical security design principle. The Zero Trust Architecture (ZTA) emphasizes verifying every access request and implementing dynamic privilege management. However, many organizations face challenges in implementing Zero Trust, such as protecting servers from unauthorized access without increasing operational complexity.

The core objective of this session is to leverage Serverless technologies to introduce a Zero-Trust Port Knocking mechanism. This approach enables secure and efficient access control while keeping all ports closed, reducing the attack surface and enhancing overall system security.

The session will cover the following key topics: 

1. An introduction to Secure by Default, Serverless, Zero Trust, and Port Knocking. 

2. Demonstrating the implementation of a Zero-Trust Port Knocking mechanism using Serverless technologies.  

在計算機科學中，0 和 1 通常代表二進制系統中的 False 和 True。而在產品零信任安全機制的實踐中，如何在複雜的 Windows 系統中在不影響效能的前提下，找出信任的權限、檔案、行為，完美劃分出一條 True 與 False 之間清楚的界線，往往是最困難的事。

此議程中會與聽眾分享什麼是產品資安，以及如何實踐於效能及延遲有較高要求，譬如 OT 場域的零信任安全機制。再來會分享我們是如何透過 Minifilter 實踐零信任機制，以及過程中遇到的困難及解決方法。最後會展示對於常見的惡意程式，例如勒索病毒，以及多種不同型態的惡意攻擊的防禦效果。

This session will delve into cloud security incidents, providing an in-depth analysis of attackers' tactics and strategies while exploring the security vulnerabilities and defensive blind spots exposed during these events.

Through real-world case studies, we will reveal common threat patterns in cloud environments, including unauthorized access, privilege abuse, and configuration errors, helping enterprises understand how attackers infiltrate cloud infrastructure and identify potential risk sources.

This agenda aims to equip participants with a comprehensive understanding of core threats in cloud environments, offering concrete directions for the application and practice of subsequent security functions. Additionally, we will share insights on how to combine professional services and innovative technologies to enhance the overall protective capabilities of enterprises.