Loading Events

Navigating the Cloud Attack Landscape: Insights for H2 2023

Home » Events » Navigating the Cloud Attack Landscape: Insights for H2 2023



Date and Time

October 4 @ 1:00 pm - 2:00 pm EDT

Event Category

Web Conference


Irene Fisher


Lisa O'Connell



In this session, Jose Hernandez from the Lacework Labs team will dissect the most pertinent cloud security attack trends and techniques of 2023. Delve into actionable insights, real-world metrics, and the current threat landscape as we equip your team with the latest knowledge and strategies.

This discussion will cover the following topics and more:

  • Kubernetes attacks and abuses: The rise in complexity and vulnerabilities in deployment, and the resulting increased attacks and administrative plane abuses.
  • Zenbleed impact: How Zenbleed affected cloud providers and how Lacework approaches this security concern.
  • Cloud supply chain attacks: An examination of the JumpCloud APT case and its broader implications.
  • CloudWizard APT: The use of OneDrive, Dropbox, and Google Drive as a C2 in the ongoing CloudWizard threat, including an analysis of its evolution.

Join us as we explore the rapidly changing world of cloud security and provide valuable insights, tools, and strategies to safeguard your organization against an increasingly sophisticated array of threats.



Candy Alexander – CISO, NeuEon, Inc., & Immediate Past President, ISSA International

Candy has been working in Cybersecurity for over 30 years, growing up within the profession and the ISSA. She’s held several positions as CISO, consults with international organizations, and is considered one of cybersecurity’s valued thought leaders.

Candy is internationally recognized, receiving numerous awards, including ISSA’s Hall of Fame and Distinguished Fellow, ranking her as one of the top 1% in the association. Candy is seen as a true leader of the profession, interviewed by the media, and frequently invited to speak at various events around the world, often advocating for cybersecurity professionals worldwide.

Candy’s passion is demonstrated through her dedication to the ISSA, including being the current International President and a long-standing member of the International Board. In addition, Candy is proud to be the inaugural President and past Board Member of the ISSA Education Foundation. Candy’s home chapters are New England and New Hampshire Chapters.

Through Candy’s leadership and commitment to accountability and stability in ISSA’s business processes and technological improvements, the ISSA maintained its ability to sustain itself as a healthy organization and uninterrupted support system through the unprecedented times brought on by the pandemic.

See Candy Alexander‘s full profile.


Jose Hernandez – Cloud Threat Researcher, Lacework

José is a Distinguished Cloud Threat Researcher at Lacework. Previously he founded and lead the Threat Research team at Splunk (STRT). He started his professional career at Prolexic Technologies (now Akamai), fighting DDoS attacks from “anonymous” and “lulzsec” against Fortune 100 companies. As an engineering co-founder of Zenedge Inc. (acquired by Oracle Inc.), José helped build technologies to fight bots and web-application attacks. Although security information has been the focus of his career, José has found that his true passion is in solving problems and creating solutions.


See Jose Hernandez‘s full profile.

ISSA Webinars and Conference series cover all the continuing education credits to maintain your cyber security certifications. (CPEs, CEUs, ECE, etc). Each hour is equal to one continuing education credit. Certificates of completion are available upon request after completion. For instructions, click here.

Scroll to Top