Explore war stories and gain insights into building secure infrastructure access systems in this 25-minute conference talk from BSidesSF 2022. Delve into five classic security incidents: FluffyBunny (2001), Operation Aurora (2009), DigiNotar (2011), NotPetya (2017), and SolarWinds (2020). Discover why these incidents challenge the industry's definition of "zero-trust" and learn valuable lessons for improving your organization's security posture. Cover key topics including bastions, Operation Aurora, Zero Trust, and the SolarWinds attack, as speaker Sharon Goldberg shares expertise on avoiding insidious points of compromise in infrastructure access systems.