Daniel Davrayev, MCTTP

Daniel Davrayev

Product Manager II - Microsoft


Daniel Davrayev is a Product Manager at Microsoft's Defender for Cloud, leading the Cloud Detection & Response experience. With over 8 years of experience in multinational companies across diverse industries (consulting, pharmaceutical, and tech), he has a strong foundation in security research and threat hunting. Previously, as a security researcher on the Defender for Cloud Research Team, Daniel focused on uncovering new techniques and methods that threat actors could exploit and abuse. His expertise now extends to product management, where he is dedicated to delivering innovative solutions to protect cloud environments from emerging threats.

talks & Q&A

conference | sep 18

Chasing Shadows: Responding to Evolving Threats in Ephemeral Cloud Environments

Exploring practical strategies for defending containerized workloads

Description

As organizations embrace containerized environments in the cloud, the complexity of threat detection and incident response has risen to unprecedented levels. Traditional security tools often fall short, unable to offer the depth of visibility and context required in these fast-moving, ephemeral environments. With workloads spinning up and down in seconds and multi-layered architectures creating added layers of obfuscation, both technical and operational challenges converge—where even a small misstep in response can trigger business disruption, financial losses, and regulatory fallout.

Security Operations Centers (SOCs) are on the frontlines, tasked with protecting hybrid infrastructures while chasing down elusive threats that span across containerized workloads. The dynamic nature of these environments makes it difficult to piece together fragmented alerts or uncover the full sequence of events behind an incident. As a result, SOC teams are often left making high-pressure decisions with limited context, increasing the risk of ineffective containment strategies or unintended operational disruptions—when every second counts.

This session will explore practical strategies to address the inherent challenges of defending containerized workloads, focusing on overcoming barriers like ephemeral infrastructure, complex architectures, and gaps in visibility. Using insights from real-world incidents, we will unpack how modern security frameworks can streamline threat detection, investigation, and remediation to keep pace with today's cloud-native threats. Join us as we chart a path forward, equipping security teams with the knowledge and tools needed to stay resilient in this high-stakes landscape.


Why the committee chose this talk

With the move towards multiclouds and workload management, traditional "server security" paradigms lose value. New ones have to be established.