TalksAWS re:Invent 2025 - Beyond Posture Management: Stopping Data Breaches in AWS (SEC209)

AWS re:Invent 2025 - Beyond Posture Management: Stopping Data Breaches in AWS (SEC209)

Beyond Posture Management: Stopping Data Breaches in AWS

Protecting Against Identity-Based Attacks

  • 88% of data breaches involve stolen or compromised identities
  • Attackers don't break in, they log in using stolen credentials
  • Once inside, they exploit the "blast radius" by moving laterally, elevating privileges, and establishing persistence to access and steal data

Limitations of Posture Management Alone

  • Configuration and data security posture management (CSPM/DSPM) tools cannot:
    • Detect changes in authorization or lateral movement
    • Identify abnormal behavior from valid credentials
    • Detect active threats or insider threats

A Comprehensive Data Security Approach

To stop data breaches, organizations need:

  1. Identity Protection: Visibility into all identities (human and machine) and their entitlements, with automated least-privilege enforcement
  2. Data-Centric Security: Monitoring how data is accessed by identities, with context around sensitive data types and risk
  3. User and Entity Behavior Analytics: Detecting abnormal behavior based on identity access patterns and data usage
  4. Forensics and Incident Response: Ability to quickly determine what data was accessed or stolen during an incident

Veronus: A Data Security Platform

  • Provides observability across cloud, SaaS, and on-premises environments
  • Classifies and maps access to sensitive data
  • Automates policies to enforce least privilege and fix exposures safely
  • Generates targeted alerts based on user and entity behavior analytics
  • Integrates with AWS security services to enhance visibility and response

Business Impact

  • Stops data breaches by detecting and responding to identity-based attacks
  • Reduces risk without breaking things by automating policy changes with full context
  • Saves time and resources by minimizing the number of issues that require manual remediation
  • Helps prove security controls are properly implemented and effective

Real-World Examples

  • Hospitals, banks, manufacturers, and software companies use Veronus to find and fix data security risks they couldn't address before
  • Veronus can identify issues like 40% of data being open to all authenticated accounts in an AWS environment
  • The platform integrates with AWS services like Security Hub, CloudTrail, IAM Identity Center, and GuardDuty to enhance visibility and response

Your Digital Journey deserves a great story.

Build one with us.

Cookies Icon

This website stores cookies on your computer.

These cookies are used to collect information about how you interact with this website and allow us to remember you. We use this information to improve and customize your browsing experience, as well as for analytics.

If you decline, your information won’t be tracked when you visit this website. A single cookie will be used in your browser to remember your preference.