You have been tasked to perform security testing of a development application named evidence-app which is used by the Sherlock team to collect, store, and hash evidence data - before the application is deployed into production. To do this, you will set up a temporary deployment of this application in your own AWS account, perform a series of attacks against the application to determine any weaknesses, and then ensure that, if weaknesses are found, ample logging is in place to detect the malice.
Throughout the workshop, you will learn about some common attack techniques targeting a cloud-based application, how to ensure that logging is in place to detect these types of activities, and how to analyze the log data to discover the attack. This workshop contains components of several SANS Cloud Curriculum courses: SEC488, SEC541, SEC588 to help you on your journey to becoming a more well-rounded SANS Cloud Ace.
Prerequisites: An AWS account with root or Administrator Access permissions
Google Chrome web browser
Access to *.amazonaws.com over 443/tcp