Miguel Hernández
Staff Threat Researcher Engineer - Sysdig
Zaragoza, Spain
Miguel Hernández, Threat Research Engineer at Sysdig, is a lifelong learner with a passion for innovation. Over the past decade, Miguel has honed his expertise in security research, leaving his mark at prominent tech companies and fostering a spirit of collaboration through personal open-source initiatives. Miguel has been a featured speaker at cybersecurity conferences such as HITB, HIP, CCN-CERT, RootedCon, TheStandoff, and Codemotion.
Topics
The Dark Side of Free Tiers: How Attackers Exploit Cloud Services at Scale
Over the past year, we’ve observed a coordinated, extensive effort by threat actors to exploit the free-tier offerings of cloud providers. This presentation provides an in-depth analysis of techniques observed in the wild, emphasizing how adversaries systematically exploit free-tier resources, especially those with GPU or ML capabilities, for profit.
We’ll walk through the end-to-end attack lifecycle, from automated cloud account generation and infrastructure deployment to resale on underground marketplaces. We’ll also discuss the broader monetization ecosystem, highlighting how these actors integrate with e-commerce platforms to scale their operations.
The session will include real-world indicators, case study elements, and tooling details to help defenders recognize and disrupt similar activities in their own environments. Attendees will leave with a clearer understanding of the underground economy built around cloud abuse.
Secure your Prometheus server from indiscreet eyes or die by metrics
Prometheus has become the standard for monitoring Kubernetes services. It comes with a set of helpful exporters, and Kubernetes offers several metrics endpoints directly through the API. These features enable monitoring and troubleshooting of most situations that SREs face on a daily basis. But what if an attacker accesses your Prometheus server? How much information can they get for fingerprinting the cluster? Kernel versions, IP addresses, instance types, library versions… the list goes on and on.
In this session, you will learn the best practices on how to secure your Prometheus server from curious eyes and what could be the consequences of not implementing them.
Detecting unexpected behavior and intrusions with Falco + Atomic Red Team
Tools like Falco - the open source container, cloud, and Kubernetes threat detection engine - aren’t immune to security and stability issues. In fact, vulnerabilities in security software can be some of the most devastating of all.
One of the most effective steps in securing software is ensuring all our security measures work as expected. The goal is to identify corner cases that could trigger potentially dangerous behavior and patch them when necessary.
In this workshop, Miguel and Vicente will show how to validate Falco’s rules using another open source project, Atomic Red Team. As a user, you’ll learn the inherent risks of running security software in your cluster. If you’re a security expert, this talk will demonstrate the fully open source process and you’ll learn to deploy and test your favorite tool.
KCD Austria Sessionize Event
2022 All Day DevOps Sessionize Event