The document discusses cloud pentesting techniques. It provides an agenda for a cloud pentesting training session that includes an introduction to cloud computing, the major cloud vendors and their product offerings, differences between cloud and conventional pentesting, exploring attack surfaces in Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). It discusses techniques such as exploiting metadata APIs, abusing cloud storage, attacking identity and access management services. The document also contains disclaimers and information about the speaker.
In order to confidently scale your AWS deployments, continuous security must be built into your continuous integration and continuous delivery architecture. Participate in a series of interactive capture the flag challenges to get hands on experience with DevSecOps. We’ll teach you how to think like a Security Ninja, highlight common mistakes that can have catastrophic consequences, and provide tips to avoid them
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...Cyxtera Technologies
Learn how to remove operational complexity from achieving secure – and easily auditable – user access to your AWS systems. Automate tightly controlled user access in highly dynamic AWS environments. Painlessly report exactly who accessed which resources, from where, and when – in near real-time – and save your teams thousands of hours in audit prep work.
The era of cloud and mobility has changed the way we work and transformed the internet into the transport network for most enterprises. Even so, many continue to rely on security technologies designed for the old world, when users and data were on the network and applications were housed in the data center.
ESG believes that the challenge of using legacy security methods in the cloud era will be a key catalysts for the adoption of a new user- and application-centric approach known as zero trust security. The zero trust model is enabled by the software-defined perimeter (SDP), delivering secure anywhere access to internal applications without the use of VPN technology.
In order to confidently scale your AWS deployments, continuous security must be built into your continuous integration and continuous delivery architecture. Participate in a series of interactive capture the flag challenges to get hands on experience with DevSecOps. We’ll teach you how to think like a Security Ninja, highlight common mistakes that can have catastrophic consequences, and provide tips to avoid them
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...Cyxtera Technologies
Learn how to remove operational complexity from achieving secure – and easily auditable – user access to your AWS systems. Automate tightly controlled user access in highly dynamic AWS environments. Painlessly report exactly who accessed which resources, from where, and when – in near real-time – and save your teams thousands of hours in audit prep work.
The era of cloud and mobility has changed the way we work and transformed the internet into the transport network for most enterprises. Even so, many continue to rely on security technologies designed for the old world, when users and data were on the network and applications were housed in the data center.
ESG believes that the challenge of using legacy security methods in the cloud era will be a key catalysts for the adoption of a new user- and application-centric approach known as zero trust security. The zero trust model is enabled by the software-defined perimeter (SDP), delivering secure anywhere access to internal applications without the use of VPN technology.
DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...Cisco DevNet
With over a dozen APIs and integrations points, Cisco’s security product portfolio offers many ways to share and collect from other complementary technologies including MDM, EDM, SIEM, IR and Vulnerability Management. Cisco’s CSTA program focuses on helping customers achieve a higher level of security through automation and more intelligent event attribution.
How Google Protects Its Corporate Security Perimeter without FirewallsPriyanka Aash
The increasing mobility of professional users has brought an end to the traditional corporate security perimeter. Google has reinvented its security perimeter around devices through its groundbreaking "BeyondCorp" initiative. In this talk, two Google security leaders will share how this transformation took place, where it's headed and how you can apply this approach to your organization.
(Source: RSA Conference USA 2017)
ATT&CKing the Sentinel – deploying a threat hunting capability on Azure Senti...CloudVillage
Speaker 1: Olaf Hartong
Speaker 2: Edoardo Gerosa
Azure Sentinel, Microsoft's new cloud SIEM solution, was recently released on the market. Notwithstanding its strengths Sentinel offers limited threat hunting capabilities out of the box and setting up an effective hunting solution is not straightforward. The Sentinel ATT&CK GitHub project is designed to provide guidance on setting up an ATT&CK-driven process monitoring solution within Sentinel; giving DFIR professionals a tool to effectively hunt in the Azure cloud.
The project, building on previous work from the open source DFIR community, provides instructions on how to properly configure Sysmon to monitor and detect specific processes in alignment with MITRE's ATT&CK framework. Secondly it provides clarity on how to onboard Sysmon logs from Windows virtual machines, shedding light on some poorly documented areas, while also offering an open source parser to correctly ingest Sysmon data in conformity with the Open Source Security Event Metadata information model. Thirdly it offers around 120 open source Kusto Query Language alerts ready for deployment; each mapped to a unique MITRE ATT&CK technique. Fourthly it provides a dedicated threat hunting dashboard to help DFIR professionals monitor their environment and execute precise hunts. Finally, Sentinel ATT&CK provides ready-made hunting queries to be leveraged when responding to alert notifications raised by the threat hunting dashboard.
This talk delivers an overview of how the Sentinel ATT&CK project can help organisations establish an effective threat hunting capability in Azure as well as an opportunity to share with the community the strengths and shortcomings of Sentinel when it comes to hunting adversaries within the Microsoft cloud.
Moving the crown jewels to the cloud requires a trusted cloud provider. This is why almost 40% of enterprises choose to run internal applications on Azure, which was designed to deliver more choice, scalability, and speed. However, this also extends the security perimeter to the Internet - rendering network-centric security methods obsolete.
Dive deep into AWS IoT end-to-end security mechanisms, MQTT and device secure communication, mutual TLS authentication, thing identity, security processes and authorization using AWS roles and policies.
Get an office 365 expereience your users will love v8.1Zscaler
Whether you’re looking to deploy Office 365 on your network, or you’ve already begun the migration, there’s one measurement of success that is paramount: user experience. With multiple apps and services, including latency-sensitive applications like Skype, it’s critical to optimize your network for the fastest O365 experience. Microsoft recommends accessing Office 365 directly via the internet, but many companies don’t have the proper network setup. It’s no surprise, then, that Office 365 deployments frequently don’t go as planned.
According to Google, almost 80 percent of websites loaded in Chrome are over HTTPS, and Zscaler ThreatLabZ research shows that more than 50 percent of malware now hides in SSL/TLS-encrypted traffic. The problem is that many organizations don’t have the budget to fully inspect encrypted traffic, so SSL becomes a blindspot and IT is faced with a major compromise. Meanwhile, hackers are getting more and more creative in how they deliver malware in SSL/TLS, which creates new inspection challenges.
As organizations shift control of their infrastructure and data to the cloud, it is critical that they rethink their application security efforts. This can be accomplished by ensuring applications are designed to take advantage of built-in cloud security controls and configured properly in deployment.
Attend this webcast to gain insight into the security nuances of the cloud platform and risk mitigation techniques. Topics include:
• Common cloud threats and vulnerabilities
• Exposing data with insufficient Authorization and Authentication
• The danger of relying on untrusted components
• Distributed Denial of Service (DDoS) and other application attacks
• Securing APIs and other defensive measures
AWS re:Invent 2016: IoT Security: The New Frontiers (IOT302)Amazon Web Services
Only year ago we launched AWS IoT, and at re:Invent we showed how AWS IoT makes it easy to secure millions of connected devices. However, we have learned from our customers that a number of unique security challenges for the Internet of Things (IoT) exist.
Security Across the Cloud Native Continuum with ESG and Palo Alto NetworksDevOps.com
Today’s enterprises have more compute options than ever before across the cloud native continuum. This continuum, spanning VMs, containers, managed Kubernetes, PaaS and serverless, provides users trade-offs and advantages when it comes to building and running their modern workloads and applications.
Recently, Enterprise Strategy Group conducted a survey titled “Leveraging DevSecOps to Secure Cloud Native Applications.” This research, covers the latest adoption numbers, trends and security concerns across all of the categories in the cloud native continuum—with insights into how organizations are successfully building and securing these technologies.
Join ESG, Senior Analyst and Group Practice Director Doug Cahill and Palo Alto Networks VP of Product John Morello to unpack the latest survey findings and discuss how security plays a vital role in securing cloud native applications.
Zscaler ThreatLabz dissects the latest SSL security attacksZscaler
The occurrence of SSL-based threats are continuing to rise. Hackers are getting more and more creative in how they deliver threats, which creates new inspection challenges. Attend this webcast to discuss the latest attack trends, and best practices you can employ within your Zscaler installation to bolster your security.
DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...Cisco DevNet
With over a dozen APIs and integrations points, Cisco’s security product portfolio offers many ways to share and collect from other complementary technologies including MDM, EDM, SIEM, IR and Vulnerability Management. Cisco’s CSTA program focuses on helping customers achieve a higher level of security through automation and more intelligent event attribution.
How Google Protects Its Corporate Security Perimeter without FirewallsPriyanka Aash
The increasing mobility of professional users has brought an end to the traditional corporate security perimeter. Google has reinvented its security perimeter around devices through its groundbreaking "BeyondCorp" initiative. In this talk, two Google security leaders will share how this transformation took place, where it's headed and how you can apply this approach to your organization.
(Source: RSA Conference USA 2017)
ATT&CKing the Sentinel – deploying a threat hunting capability on Azure Senti...CloudVillage
Speaker 1: Olaf Hartong
Speaker 2: Edoardo Gerosa
Azure Sentinel, Microsoft's new cloud SIEM solution, was recently released on the market. Notwithstanding its strengths Sentinel offers limited threat hunting capabilities out of the box and setting up an effective hunting solution is not straightforward. The Sentinel ATT&CK GitHub project is designed to provide guidance on setting up an ATT&CK-driven process monitoring solution within Sentinel; giving DFIR professionals a tool to effectively hunt in the Azure cloud.
The project, building on previous work from the open source DFIR community, provides instructions on how to properly configure Sysmon to monitor and detect specific processes in alignment with MITRE's ATT&CK framework. Secondly it provides clarity on how to onboard Sysmon logs from Windows virtual machines, shedding light on some poorly documented areas, while also offering an open source parser to correctly ingest Sysmon data in conformity with the Open Source Security Event Metadata information model. Thirdly it offers around 120 open source Kusto Query Language alerts ready for deployment; each mapped to a unique MITRE ATT&CK technique. Fourthly it provides a dedicated threat hunting dashboard to help DFIR professionals monitor their environment and execute precise hunts. Finally, Sentinel ATT&CK provides ready-made hunting queries to be leveraged when responding to alert notifications raised by the threat hunting dashboard.
This talk delivers an overview of how the Sentinel ATT&CK project can help organisations establish an effective threat hunting capability in Azure as well as an opportunity to share with the community the strengths and shortcomings of Sentinel when it comes to hunting adversaries within the Microsoft cloud.
Moving the crown jewels to the cloud requires a trusted cloud provider. This is why almost 40% of enterprises choose to run internal applications on Azure, which was designed to deliver more choice, scalability, and speed. However, this also extends the security perimeter to the Internet - rendering network-centric security methods obsolete.
Dive deep into AWS IoT end-to-end security mechanisms, MQTT and device secure communication, mutual TLS authentication, thing identity, security processes and authorization using AWS roles and policies.
Get an office 365 expereience your users will love v8.1Zscaler
Whether you’re looking to deploy Office 365 on your network, or you’ve already begun the migration, there’s one measurement of success that is paramount: user experience. With multiple apps and services, including latency-sensitive applications like Skype, it’s critical to optimize your network for the fastest O365 experience. Microsoft recommends accessing Office 365 directly via the internet, but many companies don’t have the proper network setup. It’s no surprise, then, that Office 365 deployments frequently don’t go as planned.
According to Google, almost 80 percent of websites loaded in Chrome are over HTTPS, and Zscaler ThreatLabZ research shows that more than 50 percent of malware now hides in SSL/TLS-encrypted traffic. The problem is that many organizations don’t have the budget to fully inspect encrypted traffic, so SSL becomes a blindspot and IT is faced with a major compromise. Meanwhile, hackers are getting more and more creative in how they deliver malware in SSL/TLS, which creates new inspection challenges.
As organizations shift control of their infrastructure and data to the cloud, it is critical that they rethink their application security efforts. This can be accomplished by ensuring applications are designed to take advantage of built-in cloud security controls and configured properly in deployment.
Attend this webcast to gain insight into the security nuances of the cloud platform and risk mitigation techniques. Topics include:
• Common cloud threats and vulnerabilities
• Exposing data with insufficient Authorization and Authentication
• The danger of relying on untrusted components
• Distributed Denial of Service (DDoS) and other application attacks
• Securing APIs and other defensive measures
AWS re:Invent 2016: IoT Security: The New Frontiers (IOT302)Amazon Web Services
Only year ago we launched AWS IoT, and at re:Invent we showed how AWS IoT makes it easy to secure millions of connected devices. However, we have learned from our customers that a number of unique security challenges for the Internet of Things (IoT) exist.
Security Across the Cloud Native Continuum with ESG and Palo Alto NetworksDevOps.com
Today’s enterprises have more compute options than ever before across the cloud native continuum. This continuum, spanning VMs, containers, managed Kubernetes, PaaS and serverless, provides users trade-offs and advantages when it comes to building and running their modern workloads and applications.
Recently, Enterprise Strategy Group conducted a survey titled “Leveraging DevSecOps to Secure Cloud Native Applications.” This research, covers the latest adoption numbers, trends and security concerns across all of the categories in the cloud native continuum—with insights into how organizations are successfully building and securing these technologies.
Join ESG, Senior Analyst and Group Practice Director Doug Cahill and Palo Alto Networks VP of Product John Morello to unpack the latest survey findings and discuss how security plays a vital role in securing cloud native applications.
Zscaler ThreatLabz dissects the latest SSL security attacksZscaler
The occurrence of SSL-based threats are continuing to rise. Hackers are getting more and more creative in how they deliver threats, which creates new inspection challenges. Attend this webcast to discuss the latest attack trends, and best practices you can employ within your Zscaler installation to bolster your security.
Introduction to Serverless Computing - OOP MunichBoaz Ziniman
erverless computing allows you to build and run applications without the need for provisioning or managing servers. With serverless computing, you can build web, mobile, and IoT backends; run stream processing or big data workloads; run chatbots, and more.
In this session, we will learn how to get started with Serverless computing using AWS Lambda, which lets you run code without provisioning or managing servers.
Enterprises are investing in cloud computing to manage their IT budgets more efficiently. Gartner predicts that the public cloud revenue for SaaS application service will be $73.6 billion in 2018, a 22% increase as compared to the previous years. This has led organizations to look for offerings that are specifically engineered to deliver their expected business outcomes.
The ease of adoption of cloud SaaS applications is promising greater flexibility and reduced cost to the business. At the same time due to the increase in adoption of SaaS applications, the information silos have increased which has created the need for integration across the cloud and enterprise.
Join us for the webinar to learn how you can resolve your integration challenges. We will also help you with how to:
Accelerate time to market and connect to SaaS applications in just minutes
Free up IT resources to do more innovative, customer-focused work
Improve and automate business processes via the sharing of data across applications
Extend investments in legacy systems and applications
Serverless Security: Best practices and mitigation strategies (re:Inforce 2019)Jeremy Daly
There are many inherent security benefits of using serverless (like no more patching servers or allowing direct network access to functions), but it does introduce additional complexities in how we build, deploy, and secure our applications. In this talk, we'll introduce several serverless security best practices, look at some common attack vectors, and discuss how we can apply them to increase our overall security posture. Special thanks to Ory Segal for content collaboration.
Intro to AWS Lambda and Serverless Applications: re:Invent 2018 Recap at the ...Amazon Web Services
Introduction to AWS Lambda and Serverless Applications: re:Invent 2018 Recap at the AWS Loft - San Francisco
In this session we’ll take a high-level overview of AWS Lambda, a serverless compute platform that has changed the way that developers around the world build applications. We’ll explore how Lambda works under the hood, the capabilities it has, and how it is used. By the end of this talk you’ll know how to create Lambda based applications and deploy and manage them easily.
Speaker: Chris Munns - Principal Developer Advocate, AWS Serverless Applications
In this session we’ll take a high-level overview of AWS Lambda, a serverless compute platform that has changed the way that developers around the world build applications. We’ll explore how Lambda works under the hood, the capabilities it has, and how it is used. By the end of this talk you’ll know how to create Lambda based applications and deploy and manage them easily.
Speaker: Chris Munns - Principal Developer Advocate, AWS Serverless Applications, AWS
Enterprise Cloud Architecture Best PracticesDavid Veksler
Introduction to cloud service models - IAAS, SAAS, PAAS.
Best practices for enterprise cloud service architecture, with a focus on Western companies operating in the China market.
Comparison of Azure and AWS from cost and feature perspective.
Who's in your Cloud? Cloud State MonitoringKevin Hakanson
When it comes to cloud operations, monitoring security and visibility are critical. Integration by other systems via Cloud APIs is one of the most powerful value drivers of the hyperscale cloud providers.
In this session, we will describe Cloud State Monitoring, including why it is important and who needs awareness in your organization. An explanation of the categories of Cloud APIs (including the management plane, control plane, and data plane) will give us background. Specific use cases across AWS, Azure, and GCP will dive deep into various changes you might not have considered monitoring.
12 Factor Serverless Applications - Mike Morain, AWS - Cloud Native Day Tel A...Cloud Native Day Tel Aviv
The “Twelve-Factor” application model has come to represent twelve best practices for building modern, cloud-native applications. With guidance on things like configuration, deployment, runtime, and multiple service communication, the Twelve-Factor model prescribes best practices that apply to everything from web applications to APIs to data processing applications. Although Serverless computing and AWS Lambda have changed how application development is done, the “Twelve-Factor” best practices remain relevant and applicable in a Serverless world. In this talk, we’ll apply the “Twelve-Factor” model to Serverless application development with AWS Lambda and Amazon API Gateway and show you how these services enable you to build scalable, low cost, and low administration applications.
Federal Webinar: Application monitoring for on-premises, hybrid, and multi-cl...SolarWinds
This Federal Government webinar reviewed monitoring the performance of all your applications, whether on-premises, hybrid, or in multi-cloud environments, including AWS®, Azure®, or private cloud environments. We reviewed a range of application deployment options and demonstrate how SolarWinds® Server & Application Monitor (SAM) provides a unified view of application performance.
Our presenter discussed how SolarWinds can help you: • Understand the challenges and monitoring best practices for hybrid and multi-cloud environments • Monitor performance regardless of where applications are deployed • Leverage SAM’s API integrations to monitor AWS and Azure environments • Deploy custom Windows® and Linux® agents to monitor hybrid or private cloud applications • Leverage out-of-the-box templates to monitor hundreds of applications, including SaaS applications like Microsoft® Office 365® • Utilize monitoring data to improve troubleshooting and visibility to SLA metrics • Leverage SolarWinds Database Performance Analyzer to monitor all your databases in hybrid environments—on-premises, virtualized, and in the cloud
Modern Applications Development on AWSBoaz Ziniman
Modern Application Development, using Microservices and Serverless, allow you to build and run simpler and more efficient applications, while improving your agility and saving a lot of money.
The ability to deploy your applications without the need for provisioning or managing servers opens new opportunities to build web, mobile, and IoT backends; run stream processing or big data workloads; run chatbots, and more, without the investment in hardware or professional manpower to run this hardware.
In this session, we will learn how to get started with Microservices and Serverless computing with AWS Lambda, which lets you run code without provisioning or managing servers.
Introduce about cloud service adoption for Thailand and globally. What is the factor to transform modernize cloud technology and how to work with it? Then, we talking about the definition of Serverless service on public cloud provider and example success solution design on cloud-native application that include Serverless service in a mainly design.
Building and Successfully Selling ISV Solutions with AWS Partner-Summit-Singa...Amazon Web Services
In this session, as an APN Technology Partner, you will learn about the broad range of AWS programs and resources to assist you successfully build, market and sell your solutions. Whether you are a start-up, established ISV with pre-packaged software offerings or a SaaS provider, we can customize the right set of tools, training and go-to-market programs to accelerate your business. You will learn about our SaaS Partner Program, Quick Start and AWS Marketplace. We will also discuss opportunities and success stories of APN Technology and Consulting partners coming together and collaborating to deliver high value solutions in the market.
Twelve-Factor App Methodology and Modern Applications | AWS Summit Tel Aviv 2019AWS Summits
The Twelve-Factor App Methodology introduces best practices for building modern, cloud-native applications. In this session you'll learn how to directly apply the Twelve-Factor methodology to modern application development with Lambda and Amazon API Gateway. As you'll see, many of these factors are not only directly applicable to serverless applications and can be applied to various architectures and solutions.
Similar to (SACON) Anant Shrivastava - cloud pentesting (20)
Digital Personal Data Protection (DPDP) Practical Approach For CISOsPriyanka Aash
Key Discussion Pointers:
1. Introduction to Data Privacy
- What is data privacy
- Privacy laws around the globe
- DPDPA Journey
2. Understanding the New Indian DPDPA 2023
- Objectives
- Principles of DPDPA
- Applicability
- Rights & Duties of Individuals
- Principals
- Legal implications/penalties
3. A practical approach to DPDPA compliance
- Personal data Inventory
- DPIA
- Risk treatment
It covers popular IaaS/PaaS attack vectors, list them, and map to other relevant projects such as STRIDE & MITRE. Security professionals can better understand what are the common attack vectors that are utilized in attacks, examples for previous events, and where they should focus their controls and security efforts.
Discuss Security Incidents & Business Use Case, Understanding Web 3 Pros
and Web 3 Cons. Prevention mechanism and how to make sure that it doesn’t happen to you?
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Priyanka Aash
Round Table Discussion On "Emerging New Threats And Top CISO Priorities In 2022"_ Bangalore
Date - 28 September, 2022. Decision Makers of different organizations joined this discussion and spoke on New Threats & Top CISO Priorities
Cloud Security: Limitations of Cloud Security Groups and Flow LogsPriyanka Aash
Cloud Security Groups are the firewalls of the cloud. They are built-in and provide basic access control functionality as part of the shared responsibility model. However, Cloud Security Groups do not provide the same protection or functionality that enterprises have come to expect with on-premises deployments. In this talk we will discuss the top cloud risks in 2020, why perimeters are a concept of the past and how in the world of no perimitiers do Cloud Security groups, the "Cloud FIrewalls", fit it. We will practically explore Cloud Security Group limitations across different cloud setups from a single vNet to multi-cloud
Most organizations have good enterprise-level security policies that define their approach to maintaining, improving, and securing their information and information systems. However, once the policies are signed by senior leadership and distributed throughout the organization, significant cybersecurity governance challenges remain. In this workshop I will explain the transforming organizational security to strengthen defenses and integrate cybersecurity with the overall approach toward security governance, risk management and compliance.
The Internet is home to seemingly infinite amounts of confidential and personal information. As a result of this mass storage of information, the system needs to be constantly updated and enforced to prevent hackers from retrieving such valuable and sensitive data. This increasing number of cyber-attacks has led to an increasing importance of Ethical Hacking. So Ethical hackers' job is to scan vulnerabilities and to find potential threats on a computer or networks. An ethical hacker finds the weakness or loopholes in a computer, web applications or network and reports them to the organization. It requires a thorough knowledge of Networks, web servers, computer viruses, SQL (Structured Query Language), cryptography, penetration testing, Attacks etc. In this session, you will learn all about ethical hacking. You will understand the what ethical hacking, Cyber- attacks, Tools and some hands-on demos. This session will also guide you with the various ethical hacking certifications available today.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Securing your Kubernetes cluster_ a step-by-step guide to success !
(SACON) Anant Shrivastava - cloud pentesting
1. SACON
SACON International 2019
India | Bangalore | February 15 - 16 | Taj Yeshwantpur
Cloud Pentesting
Anant Shrivastava
NotSoSecure
Regional Director APAC
@anantshri
2. SACON 2019
• Introduction to Cloud Computing
• Product Offerings by Major Vendor’s
• AWS
• Azure
• GCP
• Cloud vs Conventional Pentesting
• Explore Attack Surfaces (IaaS, PaaS, SaaS, Serverless)
• Exploiting Metadata API’s
• Abusing cloud storage
• Forensic analysis of cloud snapshots
• Attacking Azure AD
• Attacking Serverless
• Understanding and attacking IAM Services
• Various Case Studies
Agenda
4. SACON 2019
This Session is highly opinionated.
All thoughts are my own and not authorized or endorsed by my
company or organizers.
I am standing on giant’s shoulders: a lot of what I am going to talk
about is public knowledge just compiled in one single place for all.
This field is constantly evolving, my understanding and explanation
might be wrong or convoluted if you feel a better approach is possible
be ready I will need that help.
Disclaimer
5. SACON 2019
Cloud computing could be summarized as a [decentralized] shared pool
of remotely accessible resources with rapid provisioning capabilities.
However the reason cloud computing makes sense for anyone is
1. Low IT hardware overheads
2. Minimal management overheads
3. Massive upfront cost saving (running cost could be higher if
unoptimized)
In short if done right it saves $$$$$ and that’s why people want it
Introduction to Cloud Computing
6. SACON 2019
My understanding
Ruler : AWS
Challengers: Google Cloud Platform, Azure
Others: IBM, Oracle, Alibaba, Digital Ocean,
Heroku and many more
Out of the league: OpenStack
Lets understand the landscape
7. SACON 2019
Lets understand the landscape
https://www.canalys.com/newsroom/cloud-market-share-q4-2018-and-full-year-2018
8. SACON 2019
What is Offered by : Amazon Web Services
Entry on right side are categories not products
Largest service provider
Most popular / Known Offerings
• EC2
• S3
• RDS
• Beanstalk
• CloudWatch
• Route53
• IAM
• Cloudfront
• Lambda
50 products listed on this page :
https://www.amazonaws.cn/en/products/
9. SACON 2019
What is offered by Azure
Another Giant in terms of services offered. Individual service count
goes well above 100
Most popular known offerings
• Azure AD
• hosted IIS Solutions
• Office 365
• Team Foundation
• Azure Windows VM
List of all services : https://azure.microsoft.com/en-in/services/
10. SACON 2019
What is offered by: GCP
Multitude of product offerings
Most popular:
• Gmail
• Google Suite (Office, mail, plus more)
• Google+ ( :D :D )
List of all services: https://cloud.google.com/products/
11. SACON 2019
What is available as part of OpenStack
Self Deployed or custom deployable solution hence service count differs
Opensource package has 62 different services
https://www.openstack.org/software/project-navigator/openstack-components
Some sample configurations are available at
https://www.openstack.org/software/sample-configs
12. SACON 2019
Smaller players
IBM : https://www.ibm.com/cloud/
A full-stack cloud platform with over 170 products and services covering data, serverless,
containers, AI , IoT and blockchain.
Oracle: https://cloud.oracle.com/home
Focused on Enterprise section
Heroku : https://www.heroku.com/products
Primarily PaaS Offerings
Alibaba Cloud : https://www.alibabacloud.com/product
13. SACON 2019
Conventional vs Cloud Pentesting
• System misconfiguration vs unpatched issues
• Service provider approvals
• You are tenant, service provider is owner
• Owner can close accounts / throttle service / block connections to safeguard itself
• Targets shift
• Conventional : DA / EA and you are done
• Cloud: cloud admin is the new top boss
• Max Damage shift
• Old: AD will be gone or data stolen
• New: exuberant bill, and data stolen and data destruction and GDPR + more
14. SACON 2019
Cloud Roles and Responsibilities
Reference:
https://aws.amazon.com/compliance/shared-responsibility-model/
https://blogs.msdn.microsoft.com/azuresecurity/2016/04/18/what-does-shared-responsibility-in-the-cloud-mean/
15. SACON 2019
Cloud Roles and Responsibilities
https://medium.com/@pkerrison/pizza-as-a-service-2-0-5085cd4c365e
16. SACON 2019
Infrastructure as a Service
• IaaS ~ VM in a server
• You manage everything sitting in VM
• Tenant responsibilities include
• OS Updates
• Middleware/Server Update
• App/services updates
• Secure configuration of services
• Data sitting on top of the apps/services
• Network communications
17. SACON 2019
Attack Surface : Infrastructure as a Service
• All tenant responsibilities are direct attack surfaces
• Application Level bugs leading to Code execution or file read
• Weak credentials
• Insecure configurations of cred gateways (no NLA on RDP)
• Insecure Firewall Configurations
18. SACON 2019
Attack Surface : Infrastructure as a Service: Metadata API
• Almost all cloud service providers communicate specific metadata to services via a novel
method of Metadata API
• A non-routable IP Address is taken and any request to it is handled by cloud provider
themselves http://169.254.169.254/
• This API Provides access to plethora of information about the services themselves
• Official Documentation:
1. AWS: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html
2. GCP: https://cloud.google.com/compute/docs/storing-retrieving-metadata
3. Azure: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/instance-metadata-service
4. Opendata: https://docs.openstack.org/nova/rocky/user/metadata-service.html compatible with AWS “2009-04-04” version
• Metadata API is not just limited to IaaS but its common across the platforms[almost]
• Like all services ever created this has its own Quirks (we will explore that in attack section)
19. SACON 2019
Exploring Platform as a Service and its Attack Surface
• Less things to worry about compared to IaaS more then SaaS
• Tenant responsibilities include
• App/services updates
• Secure configuration of services
• Data sitting on top of the apps/services
• Network communications
• Attack Surface
• Application flaws
• Data storage permissions (exposed buckets)
• Data at transit setup (TLS)
• Insecure configurations as less control over upper stack
• Example of PaaS: Elasticbeanstalk, app-engine, Azure (cloudservices and websites), S3
20. SACON 2019
Exploring: SaaS
• Minimal control over anything besides data storage and access to data
• Attack surface boils down to logical flaws, access and authorization issues
• Back to Web Application pentesting principals
• However if a bug is found Its impact can be widespread and affect multiple / all tenants
• Example of simpler bugs in SaaS : Subdomain takeover issues
21. SACON 2019
Exploring: FaaS
• Its only named serverless :P
• FaaS would not manage data hence each action is atomic in nature
• Function execution is generally timeboxed (few minutes to 1 sec)
• Each execution could be in different environment depending on configuration
22. SACON 2019
Show me the action
So we now have a clear understand of what each of these larger entities mean. Now lets look
at ways and means to own and pwn these services
We will look at:
1. How to identify our target
2. What are the exposed areas to focus on
3. Exploiting the scenario
Towards the end we will talk about what could be mitigation options
23. SACON 2019
Understanding your environment
Lets assume you got access to a system, how can you identify which service provider is in
action.
1. Straight forward: Reverse IP Lookup (may not be accurate as internally they may have
routed things around)
2. System commands: Linux (sudo capable)
1.sudo dmidecode -s bios-version (gives vendor name)
2.sudo dmidecode -s bios-vendor (Google for GCP)
24. SACON 2019
Understanding your environment
Metadata API (http://169.254.169.254)
1. Azure: gives unauth error if Metadata: true is not present
2. GCP: Requires “Metadata-Flavor: Google” in all requests
3. GCP: for curl to http://metadata.google.internal we get a response with Metadata-Flavor: google
4. AWS: curl request gives a http response
Note: The requirement for headers is a clever hack which blocks SSRF attacks
25. SACON 2019
Attacking Metadata API
• SSRF or URL fetch
• If you only have control over URL parameter then AWS will work
• For GCP
• Query /v1beta1/ Metadata-flavour: google header was enforced in v1
• For Azure header is a must hence SSRF attack might not work
• Code Execution
• Make curl calls directly to the metadata API
Useful URL’s:
• AWS
• To fetch Security Credentials: http://169.254.169.254/latest/user-data/iam/security-credentials/<rolename>
• GCP
• Root password:
http://metadata.google.internal/computeMetadata/v1beta1/instance/attributes/?recursive=true&alt=json
• Kube env: http://metadata.google.internal/computeMetadata/v1/instance/attributes/kube-env
More Cloud Metadata URL’s useful for SSRF Testing : https://gist.github.com/BuffaloWill/fa96693af67e3a3dd3fb
26. SACON 2019
What next?
• So we obtained Credentials, what next?
$ export AWS_ACCESS_KEY_ID=AKIAI44QH8DHBEXAMPLE
$ export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
$ export AWS_SESSION_TOKEN=AQoDYXdzEJr...<remainder of security token>
$ aws ec2 describe-instances --region us-east-1
Enumerating Permissions (nimbostratus)
https://github.com/andresriancho/nimbostratus
Ref: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html
GCP http://carnal0wnage.attackresearch.com/2019/01/i-found-gcp-service-account-tokennow.html?m=1
27. SACON 2019
Demo
• How to interact with Metadata API
• How to fetch the Token
• How to use AWS command line and use
obtained tokens
• Enumerate various privileges on the token
using nimbostratus
• Limitations of Nimbostratus
28. SACON 2019
Cloud storage
• Almost all of the cloud service provider gives access to some sort of file storage on
steroids
• S3 by AWS does more then just file storage can also host static websites
• Major Attack Surface revolve around incorrect permissions
• Buckets publicly accessible
• Writable by many non-required users / roles
• Bruteforcable / Guessable names
Tips:
• To host website AWS wants bucketname == CNAME)
• If you access s3.storage.com url’s you will be directed to specific region where it hosted
29. SACON 2019
Cloud storage: Bruteforcing Bucket names
Storage enumeration is possible as names are unique in nature
Automated tools
• https://github.com/digininja/CloudStorageFinder (AWS, Digital Ocean)
• https://blog.netspi.com/anonymously-enumerating-azure-file-resources/ (Azure)
• https://github.com/NetSPI/MicroBurst (Azure)
• https://github.com/appsecco/spaces-finder (Digital Ocean)
• https://github.com/0xSearches/sandcastle (AWS S3)
30. SACON 2019
Cloud storage: Commandline
• Identify List of buckets in S3
$ aws s3api list-buckets --query "Buckets[].Name"
• Check if the bucket is publicaly accessible
$ aws s3 ls s3://<bucketname> --no-sign-request
• Action on s3 bucket
$ aws s3 ls/cp/mv/rm s3://<bucketname>/file [<other_location>]
• GCP Storage
gsutil ls -r gs://<bucketname>
• Azure Storage
az storage blob list --container-name $container_name --output
table
31. SACON 2019
Cloud storage: Demo
• Access buckets via aws s3 cmd
• How to check if bucket is publicly accessible
• How to enumerate various bucket names
32. SACON 2019
Cloud Snapshots
Cloud Snapshots are very very IaaS focused attack surface
Consider them like a disk image copy of the cloud instance
Snapshots can be retrieved and depending on the configuration attached to other VM’s.
Once disk is attached to other VM we have bypassed all the logical checks on the system and
should be in a position to access confidential items like
• /etc/shadow
• Windows SAM File
• Confidential files kept on filesystem
33. SACON 2019
Owning Cloud Snapshots
1. Get caller id: aws sts get-caller-identity
2. Describe snapshots aws ec2 describe-snapshots --owner-id <get from get-caller-
identity>
3. You can get list of every public snapshot by aws ec2 describe-snapshots –region us-
east-1
4. Load snapshot in own account
1. Create a volume
aws --profile YOUR_ACCOUNT ec2 create-volume --availability-zone us-west-2a --region
us-west-2 --snapshot-id snap-id
2. Attach volume to linux machine and inside linux machine run cmd to access it at /mnt
sudo mount /dev/xvdb1 /mnt
Ref: https://securosis.com/blog/cloud-forensics-101
34. SACON 2019
Azure AD Attacks
• Azure AD is a hosted AD Solution allows organizations to leverage hybrid approach where
two AD’s on prem and Azure AD can be in sync. Which also means if on prem is not
compromised but Azure AD got owned they have all creds.
• Even if you have only office 365 you are part of Azure AD and can interact via azure-cli
• Assuming you have a valid cred you can get User Details :
az ad user list --output=table --
query='[].{Created:createdDateTime,UPN:userPrincipalName,Name:displayName,Email:mai
l,UserId:mailNickname,Enabled:accountEnabled}’
• All service principals
az ad sp list --output=table --
query='[].{Name:displayName,Enabled:accountEnabled,URL:homepage,Publisher:publisher
Name,MetadataURL:samlMetadataUrl}’
https://adsecurity.org/wp-content/uploads/2017/07/2017-DEFCON-HackingTheCloud-SteereMetcalf-Final.pdf
More: https://hunter2.gitbook.io/darthsidious/enumeration/azure-enumeration and
https://www.blackhillsinfosec.com/red-teaming-microsoft-part-1-active-directory-leaks-via-azure/
35. SACON 2019
Attacking Serverless
We have created a sample webpage where we are running commands on two different
serverless environments AWS and GCP. Instead of talking lets have a quick demo of how
Serverless could be the start attack point and what differs where
• Tips: AWS lambda doesn’t have metadata API access but does carry creds in environment
variables /proc/self/environ
Refer: https://www.owasp.org/images/5/5c/OWASP-Top-10-Serverless-Interpretation-
en.pdf
36. SACON 2019
Attacking IAM Service
IAM services are very core to the cloud services
We have already seen various attack scenario’s leveraging roles and credentials
For specific to IAM scenario’s I wanted to talk about two essential topics
• Dormant Resources
• Shadow Admins
Dormant resources are those IAM roles and creds who were once created but are now not
active or created but never used and hence never monitored or cared for. (although it
applies to servers also but those have impact only on money not access)
TIPS: aws sts get-session-token --duration-seconds 129600 creates
a backdoor token not listed anywhere not visible in aws iam list-access-keys
37. SACON 2019
Shadow Admins
• CreateAccessKey : create a new access key to another IAM admin account
• CreateLoginProfile : The attacker can add a new password-based login profile, set a new password for that entity,
impersonate it and execute the intended malicious action on behalf of the compromised user.
• UpdateLoginProfile : permission to reset other IAM users’ login passwords.
• AttachUserPolicy, AttachGroupPolicy or AttachRolePolicy : permissions could attach existing admin policy to any
other entity
• PutUserPolicy, PutGroupPolicy or PutRolePolicy : permits the attacker to add “inline” policies to other entities, The
newly added inline policy defined by the attacker will allow the attacker to grant additional privileges other entities
• CreatePolicy : the attacker could add a stealthy admin policy
• AddUserToGroup : an attacker could add user directly into the admin group
• UpdateAssumeRolePolicy : an attacker can assume permissions of a privileged account
• CreatePolicyVersion, SetDefaultPolicyVersion : change a non-privileged entity to be a privileged one.
• PassRole with CreateInstanceProfile/AddRoleToInstanceProfile : attacker could create a new privileged instance
profile
Ref: https://www.cyberark.com/threat-research-blog/cloud-shadow-admin-threat-10-permissions-protect/
And https://github.com/duo-labs/cloudtracker
38. SACON 2019
Case study: Backdooring AWS Account
Starting point: Compromised AWS credentials
Exploitation Process:
1. Persist: aws sts get-session-token --duration-seconds 129600
2. Approach 1: Create user
1. aws iam create-user --user-name [my-user]
2. aws iam create-access-key --user-name [my-user]
3. Approach 2: Create just access key using
1. aws iam create-access-key --user-name [existing-user]
4. For future: Lambda function to trigger on new user creation and send you a access key
5. Approach 3: create a new role attach it to existing role
1. aws iam create-role and aws iam attach-role-policy
6. For future: lambda function to trigger on new role creation and add your backdoor
7. Failsafe: use UpdateAssumeRolePolicy trigger to read backdoors
Ref: https://danielgrzelak.com/backdooring-an-aws-account-da007d36f8f9
39. SACON 2019
Auditing Tools
1. As an authorized person take the API Key with security permissions and audit
2. As an attacker when you obtain a key run it via auditing tools to see if you can spot some
easy wins.
For item 1, Bunch of different options cs-suite is my fav, just run it once and get most of the
common reports in one shot. But the versions might be a bit old so if you want prefer
running individual scans separately also. example scout2 is older in cs-suite
Reports for most of them are difficult to read for the first time.
Second scenario is tricky, tools are made with assumption that all commands will work but
that’s not necessarily the case. Mostly commands will fail in second case. Only tool made
with that in mind seems to be nimbostratus however its pretty limited. Example it can’t find
if s3 permissions are available to you.
40. SACON 2019
References and Tools
• Amazon Web Services — a practical guide https://github.com/open-guides/og-aws
• Pacu Attack framework: https://github.com/RhinoSecurityLabs/pacu
• Cloud resource mapping and visualizing : https://github.com/duo-labs/cloudmapper
• Practice environments
• http://flaws.cloud
• http://flaws2.cloud
• Serverless Practice environments
• https://github.com/we45/DVFaaS-Damn-Vulnerable-Functions-as-a-Service
• http://github.com/puresec/Serverless-Goat
• https://github.com/torque59/AWS-Vulnerable-Lambda
• Keep your login creds safe
– https://docs.aws.amazon.com/opsworks/latest/userguide/security-ssh-access.html
– https://aws.amazon.com/articles/tips-for-securing-your-ec2-instance/
41. SACON 2019
More References and Tools
• Hardening Guidelines
– https://www.cisecurity.org/benchmark/amazon_web_services/
– https://www.cisecurity.org/benchmark/azure/
– https://www.cisecurity.org/benchmark/google_cloud_computing_platform/
• Cloud Account Audit's
– https://github.com/SecurityFTW/cs-suite (Cross provider)
– https://github.com/toniblyx/prowler (AWS)
– https://github.com/cyberark/SkyArk (AWS)
– https://github.com/nccgroup/Scout2 (AWS)
– https://github.com/nccgroup/G-Scout (GCP)
– https://github.com/nccgroup/azucar (Azure)
– https://github.com/mwrlabs/Azurite (Azure)
• Another Case Study: https://www.threatstack.com/cloud-attack
• IaaS systems need more then just cloud level probing, perform OS level Audit's
– https://github.com/lateralblast/lunar (Linux)
– https://github.com/CISOfy/lynis (Linux)
42. SACON 2019
Thank You
If you need help feel free to contact
anant@anantshri.info
anant@notsosecure.com