DEF CON 29 Cloud Village - Igal Flegmann - I know who has access to my cloud, do you

Working in security over the last few years I have learned that it is nearly impossible to stop a breach from happening. While having great security practices such as: Isolated password-less identities, isolated devices, and condition access; will help you stop 99% of the attacks we need to ask ourselves the following questions: Are we monitoring our infrastructure for changes that might open an attack vector? Are we ready to detect and remediate our next breach before the attacker can do any damage? Azure Security Center provides us with some great tools to check some of these errors. For example, it will alert on the SSH port being left open but it would not alert on a very large IP address range being added to your networking rules. The Solution? CloudWatcher our open-source tool that monitors your Azure Subscription ACLs and will alert you if they changed based on the baseline you have created.