Abuse Operations — at its core — is detection of and response to malicious activity when everything is working «as designed.» Classical security is interested in prevention, governance, and compliance, while abuse operations looks at the wider picture of misuse, abuse, malice and crime. At any moment in time, multiple actors are bypassing detection and response systems masquerading as customers in order to take unfair advantage of your systems and services. Different from the full compromise scenarios we know and love, abuse is a slow simmering burn, where our customers can become a problem, and worse, your problem.
By Spencer Cureton & Allan Stojanovic
Full Abstract & Presentation Materials: https://www.blackhat.com/us-20/briefings/schedule/#heroku-abuse-operations-hunting-wolves-in-sheeps-clothing-19693