S3 security

•Download as PPTX, PDF•

2 likes•522 views

Aditya Balapure

AWS S3 Security by Aditya Balapure

S{0x3} Security -
EXPLOITation & DETECTion

$whoami
@adityabalapure
● aka Adi
● Security Engineer @ Grubhub
● Builder, Breaker, Fixer, author, speaker
● I love crypto, malware, the web and CVEs
● Tweet Tweet: @adityabalapure

Whats going on - Recon
[1] [2] [3] [4]

Tools of the trade - Exploitation
● Bucket Finder
● DNS Recon
● Website Spidering
● Sandcastle
● AWSBucketDump
● teh_s3_bucketeers

Access 101
● IAM Policies
● Bucket Policies
● Access Control Lists (ACL)
● Static Website Hosting

I will find you and I will fix you! - Detection
● Boto works phenomenally for automating detection scanning for S3
Objects/buckets
● AWS Config
● Cloudtrail/CloudWatch
● AWS Trusted Advisor (paid)
● Security Monkey AWS Config Capture
Boto Scanning

I will find you and I will fix you! - Detection
[1]
CloudWatch logs detecting the ACL Change

I will find you and I will fix you! - Detection
● CloudWatch Rule Event Pattern

I will find you and I will fix you! - Detection
● CloudWatch Rules + Simple Notification Service (SNS) Rocks!

Lambda’s Great! - Detect & Fix
● Lambda constantly monitors CloudWatch events for PutObjectAcl API Calls
and fixes the “public” object permission automatically as soon it is triggered
CloudWatch Rule triggering our Lambda Function
Lambda Function logs of objects being fixed
automatically that were found to be public
[1]

I will find you and I will fix you! - Detection
● S3 Bucket Event Notifications

Thank you!

More Related Content

Similar to S3 security

Automating AWS security and compliance

Automating AWS security and compliance

Automating AWS security and compliance

AWS Cyber Security Best Practices

AWS Cyber Security Best Practices

AWS Cyber Security Best Practices

DoiT International

Building A Cloud Security Strategy for Scale

Building A Cloud Security Strategy for Scale

Building A Cloud Security Strategy for Scale

004 - Logging in the Cloud -- hide01.ir.pptx

004 - Logging in the Cloud -- hide01.ir.pptx

004 - Logging in the Cloud -- hide01.ir.pptx

Cloud security, sounds like a myth does it not? Many organizations still cling to the belief that cloud services can not be used in a secure infrastructure in this session I'll cover emerging and available technologies which can help abate some of these concerns. Threat models - What's a side channel attack? - What's a co-residency attack? Amazon - Available amazon AWS compliance documentation and how it is relevant to secure infrastructure - Available amazon AWS services such as KSM and how they may be used to secure your deployments, VPC and netowrk isolation, IAM. Openstack - What's openstack bandit and why should I care? - What options do I have in my openstack deployment to secure my infrastructure and how are they relevant to my needs? Federated cloud infrastructure - What is it? - Why you need one - Ensuring secure "chain of custody" through to deployment Docker / LXC - What is container virtualization and how does it differ to regular virtualization? - How does this affect my attack surface? - Should I have this in production ? Security CI - How can security be part of your CI process? Emerging technologies - pki.oio - vaultproject.io - haka Telemetry processing - Why your logs are your most important data source - Handling thousands, millions or more lines per second - Using the right components Building the castle - Thoughts in putting this all together to produce infrastructure hardened from developer though to production.

Cumulonimbus fortification-secure-your-data-in-the-cloud

Cumulonimbus fortification-secure-your-data-in-the-cloud

Cumulonimbus fortification-secure-your-data-in-the-cloud

David Busby, CISSP

LASCON 2016 - It's 10PM Do You Know Where Your Access Keys Are?

LASCON 2016 - It's 10PM Do You Know Where Your Access Keys Are?

LASCON 2016 - It's 10PM Do You Know Where Your Access Keys Are?

There are two kinds of people in this community: those who embrace the cloud and all it has to offer, and those who have the cloud thrust upon them. In this talk, we focused on Security, DevOps and You. How do you go about setting up security in an environment that wasn't set up with security in mind? How do you go about working in an infrastructure that you are completely unfamiliar with? Security is always evolving and as security professionals it's critical that we know the answers to these solutions before these scenarios crop up. Join Etsy, DevOps.com, and Evident.io to explore the needs of Devops, Security and IT and how to move at the speed-of-cloud together without creating vulnerabilities. In this webinar we will discuss: Automation vs AWS Management Console Identity and Access Management (IAM) S3 Bucket policies Logging and alerting so you have proper visibility into your environment

Moving at the Speed-of-Cloud Without Getting Owned

Moving at the Speed-of-Cloud Without Getting Owned

Moving at the Speed-of-Cloud Without Getting Owned

There are two kinds of people in this community: those who embrace the cloud and all it has to offer, and those who have the cloud thrust upon them. In this talk, we focused on Security, DevOps and You. How do you go about setting up security in an environment that wasn't set up with security in mind? How do you go about working in an infrastructure that you are completely unfamiliar with? Security is always evolving and as security professionals it's critical that we know the answers to these solutions before these scenarios crop up. Join Etsy, DevOps.com, and Evident.io to explore the needs of Devops, Security and IT and how to move at the speed-of-cloud together without creating vulnerabilities. In this webinar we will discuss: Automation vs AWS Management Console Identity and Access Management (IAM) S3 Bucket policies Logging and alerting so you have proper visibility into your environment

Moving at the Speed-of-Cloud Without Getting Owned

Moving at the Speed-of-Cloud Without Getting Owned

Moving at the Speed-of-Cloud Without Getting Owned

ruxc0n 2012

Windows logging workshop - BSides Austin 2014

Windows logging workshop - BSides Austin 2014

Windows logging workshop - BSides Austin 2014

It's 10pm, Do You Know Where Your Access Keys Are?

It's 10pm, Do You Know Where Your Access Keys Are?

It's 10pm, Do You Know Where Your Access Keys Are?

Cloud computing transforms the way we can store, process and share our data. New applications and workloads are growing rapidly, which brings every day more sensitive data into the conversation about risk and what constitutes natural targets for bad actors. This presentation reflects on current best practices to address the most significant security concerns for sensitive data in the cloud, and offers participants a list of steps to achieve enterprise-grade safety with MongoDB deployments among the expanding service provider options.

Enterprise Cloud Security

Enterprise Cloud Security

Enterprise Cloud Security

Alfredo Reino - Monitoring aws and azure

Alfredo Reino - Monitoring aws and azure

Alfredo Reino - Monitoring aws and azure

AWSの進化とSmartNewsの裏側

AWSの進化とSmartNewsの裏側

AWSの進化とSmartNewsの裏側

SmartNews, Inc.

(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014

(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014

(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014

Amazon Web Services

MongoDB World 2018: Enterprise Security in the Cloud

MongoDB World 2018: Enterprise Security in the Cloud

MongoDB World 2018: Enterprise Security in the Cloud

MongoDB World 2018: Enterprise Cloud Security

MongoDB World 2018: Enterprise Cloud Security

MongoDB World 2018: Enterprise Cloud Security

Amazon WS Overview

Amazon WS Overview

Amazon WS Overview

Security Risk Advisors - ShmooCon 2022 - LetItGo

Security Risk Advisors - ShmooCon 2022 - LetItGo

Security Risk Advisors - ShmooCon 2022 - LetItGo

SecurityRiskAdvisors

Real world cloud formation feb 2014 final

Real world cloud formation feb 2014 final

Real world cloud formation feb 2014 final

Similar to S3 security (20)

Automating AWS security and compliance

Automating AWS security and compliance

Automating AWS security and compliance

AWS Cyber Security Best Practices

AWS Cyber Security Best Practices

AWS Cyber Security Best Practices

Building A Cloud Security Strategy for Scale

Building A Cloud Security Strategy for Scale

Building A Cloud Security Strategy for Scale

004 - Logging in the Cloud -- hide01.ir.pptx

004 - Logging in the Cloud -- hide01.ir.pptx

004 - Logging in the Cloud -- hide01.ir.pptx

Cumulonimbus fortification-secure-your-data-in-the-cloud

Cumulonimbus fortification-secure-your-data-in-the-cloud

Cumulonimbus fortification-secure-your-data-in-the-cloud

LASCON 2016 - It's 10PM Do You Know Where Your Access Keys Are?

LASCON 2016 - It's 10PM Do You Know Where Your Access Keys Are?

LASCON 2016 - It's 10PM Do You Know Where Your Access Keys Are?

Moving at the Speed-of-Cloud Without Getting Owned

Moving at the Speed-of-Cloud Without Getting Owned

Moving at the Speed-of-Cloud Without Getting Owned

Moving at the Speed-of-Cloud Without Getting Owned

Moving at the Speed-of-Cloud Without Getting Owned

Moving at the Speed-of-Cloud Without Getting Owned

ruxc0n 2012

Windows logging workshop - BSides Austin 2014

Windows logging workshop - BSides Austin 2014

Windows logging workshop - BSides Austin 2014

It's 10pm, Do You Know Where Your Access Keys Are?

It's 10pm, Do You Know Where Your Access Keys Are?

It's 10pm, Do You Know Where Your Access Keys Are?

Enterprise Cloud Security

Enterprise Cloud Security

Enterprise Cloud Security

Alfredo Reino - Monitoring aws and azure

Alfredo Reino - Monitoring aws and azure

Alfredo Reino - Monitoring aws and azure

AWSの進化とSmartNewsの裏側

AWSの進化とSmartNewsの裏側

AWSの進化とSmartNewsの裏側

(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014

(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014

(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014

MongoDB World 2018: Enterprise Security in the Cloud

MongoDB World 2018: Enterprise Security in the Cloud

MongoDB World 2018: Enterprise Security in the Cloud

MongoDB World 2018: Enterprise Cloud Security

MongoDB World 2018: Enterprise Cloud Security

MongoDB World 2018: Enterprise Cloud Security

Amazon WS Overview

Amazon WS Overview

Amazon WS Overview

Security Risk Advisors - ShmooCon 2022 - LetItGo

Security Risk Advisors - ShmooCon 2022 - LetItGo

Security Risk Advisors - ShmooCon 2022 - LetItGo

Real world cloud formation feb 2014 final

Real world cloud formation feb 2014 final

Real world cloud formation feb 2014 final

Recently uploaded

This presentation emphasizes the importance of data security and legal compliance for Nidhi companies in India. It highlights how online Nidhi software solutions, like Vector Nidhi Software, offer advanced features tailored to these needs. Key aspects include encryption, access controls, and audit trails to ensure data security. The software complies with regulatory guidelines from the MCA and RBI and adheres to Nidhi Rules, 2014. With customizable, user-friendly interfaces and real-time features, these Nidhi software solutions enhance efficiency, support growth, and provide exceptional member services. The presentation concludes with contact information for further inquiries.

top nidhi software solution freedownload

top nidhi software solution freedownload

top nidhi software solution freedownload

AI/ML Infra Meetup May. 23, 2024 Organized by Alluxio For more Alluxio Events: https://www.alluxio.io/events/ Speaker: - Junchen Jiang (Assistant Professor of Computer Science, @University of Chicago) Prefill in LLM inference is known to be resource-intensive, especially for long LLM inputs. While better scheduling can mitigate prefill’s impact, it would be fundamentally better to avoid (most of) prefill. This talk introduces our preliminary effort towards drastically minimizing prefill delay for LLM inputs that naturally reuse text chunks, such as in retrieval-augmented generation. While keeping the KV cache of all text chunks in memory is difficult, we show that it is possible to store them on cheaper yet slower storage. By improving the loading process of the reused KV caches, we can still significantly speed up prefill delay while maintaining the same generation quality.

AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG

AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG

AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG

Advanced Flow Concepts Every Developer Should Know

Advanced Flow Concepts Every Developer Should Know

Advanced Flow Concepts Every Developer Should Know

Skilrock is an igaming technology platform & lottery software provider to the Global Lottery & Gaming Industry with a strong presence across continents. As part of the $2.4 billion SUGAL & DAMANI GROUP, Skilrock leverages the group's extensive domain experience to offer the INFINITI gaming platform - a true Omni-Channel, Omni-Gaming Platform that can serve any lottery or gaming operator anywhere in the world. INFINITI serves Retail, iGaming & Self Service Channels with equal ease and at the same time supports a wide variety of games like Lotto, Keno, Bingo, Instant, Sports, Poker, Rummy, Casino and Slots. Our popular solutions are Scratch Lottery, Retail Lottery, Instant Lottery and other igaming and lottery solutions.

iGaming Platform & Lottery Solutions by Skilrock

iGaming Platform & Lottery Solutions by Skilrock

iGaming Platform & Lottery Solutions by Skilrock

Skilrock Technologies

Even though at surface level ‘java.lang.OutOfMemoryError’ appears as one single error; underlyingly there are 9 types of OutOfMemoryError. Each type of OutOfMemoryError has different causes, diagnosis approaches and solutions. This session equips you with the knowledge, tools, and techniques needed to troubleshoot and conquer OutOfMemoryError in all its forms, ensuring smoother, more efficient Java applications.

TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERROR

TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERROR

TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERROR

WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation

WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation

WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation

Into the Box 2024 - Keynote Day 2 Slides.pdf

Into the Box 2024 - Keynote Day 2 Slides.pdf

Into the Box 2024 - Keynote Day 2 Slides.pdf

Ortus Solutions, Corp

AI/ML Infra Meetup May. 23, 2024 Organized by Alluxio For more Alluxio Events: https://www.alluxio.io/events/ Speaker: - Lu Qiu (Data & AI Platform Tech Lead, @Alluxio) - Siyuan Sheng (Senior Software Engineer, @Alluxio) Speed and efficiency are two requirements for the underlying infrastructure for machine learning model development. Data access can bottleneck end-to-end machine learning pipelines as training data volume grows and when large model files are more commonly used for serving. For instance, data loading can constitute nearly 80% of the total model training time, resulting in less than 30% GPU utilization. Also, loading large model files for deployment to production can be slow because of slow network or storage read operations. These challenges are prevalent when using popular frameworks like PyTorch, Ray, or HuggingFace, paired with cloud object storage solutions like S3 or GCS, or downloading models from the HuggingFace model hub. In this presentation, Lu and Siyuan will offer comprehensive insights into improving speed and GPU utilization for model training and serving. You will learn: - The data loading challenges hindering GPU utilization - The reference architecture for running PyTorch and Ray jobs while reading data from S3, with benchmark results of training ResNet50 and BERT - Real-world examples of boosting model performance and GPU utilization through optimized data access

AI/ML Infra Meetup | Improve Speed and GPU Utilization for Model Training & S...

AI/ML Infra Meetup | Improve Speed and GPU Utilization for Model Training & S...

AI/ML Infra Meetup | Improve Speed and GPU Utilization for Model Training & S...

The European Union Agency for Law Enforcement Cooperation (Europol) has suffered an alleged data breach after a notorious threat actor claimed to have exfiltrated data from its systems. Infamous data leaker IntelBroker posted on the even more infamous BreachForums hacking forum, saying that Europol suffered a data breach this month. The alleged breach affected Europol agencies CCSE, EC3, Europol Platform for Experts, Law Enforcement Forum, and SIRIUS. Infiltration of these entities can disrupt ongoing investigations and compromise sensitive intelligence shared among international law enforcement agencies. However, this is neither the first nor the last activity of IntekBroker. We have compiled for you what happened in the last few days. To track such hacker activities on dark web sources like hacker forums, private Telegram channels, and other hidden platforms where cyber threats often originate, you can check SOCRadar’s Dark Web News. Stay Informed on Threat Actors’ Activity on the Dark Web with SOCRadar!

SOCRadar Research Team: Latest Activities of IntelBroker

SOCRadar Research Team: Latest Activities of IntelBroker

SOCRadar Research Team: Latest Activities of IntelBroker

Games are powerful teaching tools, fostering hands-on engagement and fun. But they require careful consideration to succeed. Join me to explore factors in running and selecting games, ensuring they serve as effective teaching tools. Learn to maintain focus on learning objectives while playing, and how to measure the ROI of gaming in education. Discover strategies for pitching gaming to leadership. This session offers insights, tips, and examples for coaches, team leads, and enterprise leaders seeking to teach from simple to complex concepts.

Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...

Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...

Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...

Shahin Sheidaei

Top Mobile App Development Companies 2024

Top Mobile App Development Companies 2024

Top Mobile App Development Companies 2024

XongoLab Technologies LLP

Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...

Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...

Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...

informapgpstrackings

Facemoji Keyboard released its 2023 State of Emoji report, outlining the most...

Facemoji Keyboard released its 2023 State of Emoji report, outlining the most...

Facemoji Keyboard released its 2023 State of Emoji report, outlining the most...

Abortion ^Clinic ^%[+971588192166''] Abortion Pill Al Ain (?@?) Abortion Pill...

Abortion ^Clinic ^%[+971588192166''] Abortion Pill Al Ain (?@?) Abortion Pill...

Abortion ^Clinic ^%[+971588192166''] Abortion Pill Al Ain (?@?) Abortion Pill...

Abortion Clinic

"Introduction to Windows 7" serves as the foundational chapter in our guide, setting the stage for understanding the key features and functionalities of this operating system. Windows 7, released by Microsoft in 2009, quickly became one of the most popular and widely used versions of Windows due to its user-friendly interface, stability, and performance improvements over its predecessor, Windows Vista. This chapter begins by providing an overview of the Windows 7 operating system, highlighting its key attributes and improvements compared to earlier versions of Windows. It introduces users to the visual enhancements such as Aero Glass, the revamped taskbar (also known as the Superbar), and the redesigned Start menu, which all contribute to a more intuitive and streamlined user experience. Furthermore, "Introduction to Windows 7" delves into the architecture and system requirements of the operating system, helping users understand what hardware specifications are necessary for optimal performance. It covers topics such as processor requirements, RAM, disk space, and graphics capabilities, ensuring that readers have a clear 3 understanding of the hardware prerequisites for running Windows 7 smoothly. Additionally, this chapter explores the various editions of Windows 7, including Home Premium, Professional, Ultimate, and Enterprise, outlining the differences between them and helping users choose the edition that best suits their needs and requirements. Moreover, "Introduction to Windows 7" provides an overview of the installation process, guiding users through the steps required to install or upgrade to Windows 7 on their computers. It covers topics such as preparing for installation, choosing the installation type (upgrade or custom), partitioning disks, and configuring initial settings. In summary, "Introduction to Windows 7" serves as a comprehensive primer for users who are new to the operating system or seeking to refresh their understanding. By familiarizing themselves with the core concepts and features of Windows 7, readers can lay a solid foundation for exploring more advanced topics covered in subsequent chapters of this guide.

Mastering Windows 7 A Comprehensive Guide for Power Users .pdf

Mastering Windows 7 A Comprehensive Guide for Power Users .pdf

Mastering Windows 7 A Comprehensive Guide for Power Users .pdf

Vitthal Shirke Microservices Resume Montevideo

Vitthal Shirke Microservices Resume Montevideo

Vitthal Shirke Microservices Resume Montevideo

Les Buildpacks existent depuis plus de 10 ans ! D’abord, ils étaient utilisés pour détecter et construire une application avant de la déployer sur certains PaaS. Ensuite, nous avons pu créer des images Docker (OCI) avec leur dernière génération, les Cloud Native Buildpacks (CNCF en incubation). Sont-ils une bonne alternative au Dockerfile ? Que sont les buildpacks Paketo ? Quelles communautés les soutiennent et comment ? Venez le découvrir lors de cette session ignite

Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...

Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...

Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...

Anthony Dahanne

Breaking the Code : A Guide to WhatsApp Business API.pdf

Breaking the Code : A Guide to WhatsApp Business API.pdf

Breaking the Code : A Guide to WhatsApp Business API.pdf

Meon Technology

OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam

OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam

OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam

takuyayamamoto1800

A Comprehensive Appium Guide for Hybrid App Automation Testing.pdf

A Comprehensive Appium Guide for Hybrid App Automation Testing.pdf

A Comprehensive Appium Guide for Hybrid App Automation Testing.pdf

kalichargn70th171

Recently uploaded (20)

top nidhi software solution freedownload

top nidhi software solution freedownload

top nidhi software solution freedownload

AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG

AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG

AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG

Advanced Flow Concepts Every Developer Should Know

Advanced Flow Concepts Every Developer Should Know

Advanced Flow Concepts Every Developer Should Know

iGaming Platform & Lottery Solutions by Skilrock

iGaming Platform & Lottery Solutions by Skilrock

iGaming Platform & Lottery Solutions by Skilrock

TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERROR

TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERROR

TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERROR

WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation

WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation

WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation

Into the Box 2024 - Keynote Day 2 Slides.pdf

Into the Box 2024 - Keynote Day 2 Slides.pdf

Into the Box 2024 - Keynote Day 2 Slides.pdf

AI/ML Infra Meetup | Improve Speed and GPU Utilization for Model Training & S...

AI/ML Infra Meetup | Improve Speed and GPU Utilization for Model Training & S...

AI/ML Infra Meetup | Improve Speed and GPU Utilization for Model Training & S...

SOCRadar Research Team: Latest Activities of IntelBroker

SOCRadar Research Team: Latest Activities of IntelBroker

SOCRadar Research Team: Latest Activities of IntelBroker

Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...

Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...

Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...

Top Mobile App Development Companies 2024

Top Mobile App Development Companies 2024

Top Mobile App Development Companies 2024

Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...

Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...

Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...

Facemoji Keyboard released its 2023 State of Emoji report, outlining the most...

Facemoji Keyboard released its 2023 State of Emoji report, outlining the most...

Facemoji Keyboard released its 2023 State of Emoji report, outlining the most...

Abortion ^Clinic ^%[+971588192166''] Abortion Pill Al Ain (?@?) Abortion Pill...

Abortion ^Clinic ^%[+971588192166''] Abortion Pill Al Ain (?@?) Abortion Pill...

Abortion ^Clinic ^%[+971588192166''] Abortion Pill Al Ain (?@?) Abortion Pill...

Mastering Windows 7 A Comprehensive Guide for Power Users .pdf

Mastering Windows 7 A Comprehensive Guide for Power Users .pdf

Mastering Windows 7 A Comprehensive Guide for Power Users .pdf

Vitthal Shirke Microservices Resume Montevideo

Vitthal Shirke Microservices Resume Montevideo

Vitthal Shirke Microservices Resume Montevideo

Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...

Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...

Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...

Breaking the Code : A Guide to WhatsApp Business API.pdf

Breaking the Code : A Guide to WhatsApp Business API.pdf

Breaking the Code : A Guide to WhatsApp Business API.pdf

OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam

OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam

OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam

A Comprehensive Appium Guide for Hybrid App Automation Testing.pdf

A Comprehensive Appium Guide for Hybrid App Automation Testing.pdf

A Comprehensive Appium Guide for Hybrid App Automation Testing.pdf

S3 security

1. S{0x3} Security - EXPLOITation & DETECTion

2. $whoami @adityabalapure ● aka Adi ● Security Engineer @ Grubhub ● Builder, Breaker, Fixer, author, speaker ● I love crypto, malware, the web and CVEs ● Tweet Tweet: @adityabalapure

3. Whats going on - Recon [1] [2] [3] [4]

4. Tools of the trade - Exploitation ● Bucket Finder ● DNS Recon ● Website Spidering ● Sandcastle ● AWSBucketDump ● teh_s3_bucketeers

5. Access 101 ● IAM Policies ● Bucket Policies ● Access Control Lists (ACL) ● Static Website Hosting

6. I will find you and I will fix you! - Detection ● Boto works phenomenally for automating detection scanning for S3 Objects/buckets ● AWS Config ● Cloudtrail/CloudWatch ● AWS Trusted Advisor (paid) ● Security Monkey AWS Config Capture Boto Scanning

7. I will find you and I will fix you! - Detection [1] CloudWatch logs detecting the ACL Change

8. I will find you and I will fix you! - Detection ● CloudWatch Rule Event Pattern

9. I will find you and I will fix you! - Detection ● CloudWatch Rules + Simple Notification Service (SNS) Rocks!

10. Lambda’s Great! - Detect & Fix ● Lambda constantly monitors CloudWatch events for PutObjectAcl API Calls and fixes the “public” object permission automatically as soon it is triggered CloudWatch Rule triggering our Lambda Function Lambda Function logs of objects being fixed automatically that were found to be public [1]

11. I will find you and I will fix you! - Detection ● S3 Bucket Event Notifications