Overview
Learn about critical AWS security vulnerabilities through a Black Hat conference presentation that exposes six dangerous flaws discovered in AWS services. Explore how cloud service interdependencies can create security risks, with detailed explanations of vulnerabilities ranging from remote code execution to information disclosure and denial of service attacks. Discover the methodology used to identify these flaws, understand techniques for privilege escalation, and gain insights into mapping service external resources using an open-source tool for researching service internal API calls. Master methods to audit AWS accounts for historical vulnerability exposure while learning essential best practices for secure development in complex cloud environments. Gain valuable knowledge about emerging areas of cloud security research and vulnerability hunting from leading security researchers at Aqua Security.
Syllabus
Breaching AWS Accounts Through Shadow Resources
Taught by
Black Hat