Cloud Native Dissected: The Anatomy of Modern SecOps & Threat Detection

As organizations shift to the cloud, attackers are finding new ways to break in. Traditional indicators like IP addresses and file hashes are often not enough to catch modern threats. Today’s attackers take advantage of cloud-specific activity, such as suspicious IAM changes, unusual container image names, and strange API calls. Security teams need to spot both these detailed clues and the broader behavioral patterns, like privilege escalation or abnormal login activity.

This talk will focus on what really matters for cloud-native threat detection. Using real-world examples and recent research, the session will show how to identify both atomic and behavioral indicators, investigate cloud attacks, and strengthen your SecOps approach.