Modern adversaries exploit the seams between on-premises and multi-cloud environments, making lateral movement harder to detect. This session dives into advanced threat hunting techniques for hybrid cloud infrastructures. We'll explore how to unify disparate security telemetry, from cloud identity providers (IAM, Azure AD) to API logs and workload activity. Furthermore, we will dive to construct a holistic view of attacker progression.

Attendees will learn practical strategies for visualizing complex attack paths and identifying anomalous lateral movement across diverse cloud services and traditional networks. Attendees will gain actionable insights to uncover hidden threats that bypass conventional security controls in today's interconnected enterprise