Live Hack: Common Paths to Breach from One Compromised AWS Identity
- Wednesday, March 10, 2021 at 3:30 PM EST (2021-03-10 20:30:00 UTC)
- Jeff Moncrief, Dave Shackleford
Sponsor
You can now attend the webcast using your mobile device!
Overview
The greatest risk to data security in the public cloud is its own complexity and scale. Breach tactics remain, on the whole, mundane: bad actors simply take advantage of the labyrinth of identity structures within the public cloud infrastructure. The sheer number of interlocking entities, permissions, roles, and privileges in a modern enterprise cloud presents many opportunities for unintentional paths to data via compromised identities.
The best way to visualize this is to actually see it from a hackers perspective - so were doing this live in the cloud to show the most common paths to a data breach in AWS. Were using simple command-line arguments to compromise an identity in a typical s3 bucket and make our way to sensitive data. Well go through how bad actors can easily abuse concepts like:
- Privilege escalations
- Trust relationships
- Toxic identity combinations
- Improper separation of duties
Join us!
Speaker Bios
Dave Shackleford
Dave Shackleford, a SANS analyst, senior instructor, course author, GIAC technical director and member of the board of directors for the SANS Technology Institute, is the founder and principal consultant with Voodoo Security. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. A VMware vExpert, Dave has extensive experience designing and configuring secure virtualized infrastructures. He previously worked as chief security officer for Configuresoft and CTO for the Center for Internet Security. Dave currently helps lead the Atlanta chapter of the Cloud Security Alliance.
Jeff Moncrief
A security veteran, Jeff’s been helping enterprises protect data on the Internet and Public Cloud for over 20 years. His specializations include compliance, IaaS/Paas, Kubernetes, network traffic analytics, incident response, and security architecture. Most recently He’s been leading teams at cloud security companies (Tripwire) and Fortune 100 firms (Cisco). Today, Jeff heads up Sonrai Security’s solutions team, helping enterprises secure their cloud with identity & data governance.
Need Help? Visit our FAQ page or email webcast-support@sans.org.
Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.
