SlideShare a Scribd company logo

Hunting for AWS Exposed Resources

Tenchi Security
Tenchi Security

Like all major public cloud providers, AWS allows users to expose managed resources like S3 buckets, SQS queues, RDS databases, and others publicly on the Internet. There are legitimate uses for making resources public, such as publishing non-sensitive data. However, we often find that this functionality is mistakenly used, often due to a lack of cloud security expertise, to erroneously expose sensitive data. News of exposed S3 buckets are sadly very frequent in the specialized media. It is important to note, however, that there are many other relevant kinds of AWS resources that can be equally dangerous when publicly exposed but that doesn't get nearly as much scrutiny as S3 buckets. In this talk we are going to describe some of the methods that researchers and attackers use to discover and exploit these publicly exposed resources, and how cloud providers and defenders can have taken action to monitor, prevent and respond to these activities. Presented at DEF CON 29 Cloud Village.

Technology
1 of 34
Download to read offline
Hunting for AWS Exposed Resources By Felipe "Pr0teus" Espósito
About Me Felipe "Pr0teus" Espósito Senior Researcher @ Tenchi Security @pr0teusbr fesposito@tenchisecurity.com Rio de Janeiro, Brazil 󰎙
Motivation
AWS has other services too
https://github.com/SummitRoute/aws_exposable_resourc es by Scott Piper
https://endgame.readthedocs.io/ In a completely unrelated note, Kinnaird McQuade is awesome.
https://www.youtube.com/watch?v=yO-tQ-byxno by Ben Morris
Sorry Obligatory slide for cloud security.
Shared Responsibility Model
Some Stats...
Data sources OSINT Techniques as: ● Passive DNS ● Wayback machine ● Subdomain enumeration ● Code repos
Enumerating Subdomains Ricardo Iramar wrote an article with a good comparison of 9 subdomain enumeration tools. Based on those findings, picked the following for this research: ● Findomain ● Amass https://ricardoiramar.medium.com/subdomain-enumeration-tools-evaluati on-57d4ec02d69e
Shodan & Censys We used Shodan and Censys on a few specific cases. We'll show the results on slides to come.
Discarded data sources. Certstream - AWS is using wildcard certificates for most services, which makes certstream of no use in identifying individual hostnames.
Metrics: Valid DNS - Means that the hostname resolves to an IP address. Public IP - Means that the IP resolved from the previous URL are not in the RFC 1918 private IP ranges.
Amazon DocumentDB URL: <name>.cluster-<random>.<region>.docdb.amazonaws.com Amass+Findomain 0 Censys 15 Historical Github 7 Github search 117 Security Trails 33 Passive Total 1
Amazon DocumentDB True (37.67%) False (62.33%) SecurityTrails GitHub query PassiveTotal Valid DNS Valid DNS by Data Source 0 5 10 15 20 25 30
Amazon MQ https://b-****-****-****-****-***.mq.<region>.amazonaws.com Amazon expose the Amazon MQ through a DNS entry Web console listen on port:8162 ActiveMQ uses Security Groups by default. Shodan 4433 Amass+Findomain 563 Historical Github 2 Github search 5 Security Trails 145 Passive Total 0
Amazon MQ
Amazon MQ Security Trails Amass + Findomain 20 0 40 60 80 100 120 140 160 Unique Valid URLs
Amazon CloudSearch <name>-<random>.<region>.cloudsearch.amazonaws.com Shodan 38155 Amass+Findomain 119 Historical Github 48 Github search 15 Security Trails 49 Passive Total 15 Amazon implements an Elastic Load Balancer V2 in front of Cloudsearch. Tried to Search for letter E and A in order to find exposed cloudsearch with resource policy to *.
Amazon CloudSearch Security Trails Amass + Findomain Passive Total 0 2 4 10 30 20
Amazon SQS Amazon SQS are exposed by AWS as an URL: https://sqs.<region>.amazonaws.com/<AccountID>/<Queue Name> That means that Passive URL and subdomain enumeration techniques were ineffective. Amass+Findomain 0 Historical Github 471 Github search 210 Security Trails 0 Passive Total 0
Amazon SQS Github Historical Github Query 50 0 100 150 200 250 300 350 400 450 Public writable & Public Readable Not Public Public Writable but not Public Readable
Amazon RedShift URL: <name>.<random>.<region>.redshift.amazonaws.com Amazon exposes RedShift database through DNS entries To publicly expose a RedShift database you must: 1. Create an Elastic IP Address. 2. Configure Redshift to use the Elastic IP Address. 3. Change the Security Group to allow 0.0.0.0 inbound Amass+Findomain 42 Historical Github 7 Github search 192 Security Trails 226 Passive Total 2
Amazon RedShift Amass + Findomain (19.18%) GitHub query (7.53%) Security Trails (73.29%) Security Trails Github Query Amass + Findomain Github Historical Passivetotal Unique DNS Valid Invalid Valid DNS by source
AWS Managed Elasticsearch. https://search-[name]-[random].[region].es.amazonaws.com Route53 ALBv2 Elasticsearch OpenDistro https://vpc-[name]-[random].[region].es.amazonaws.com You can also choose the authentication type: ● Cognito ● Basic Auth ● IAM ● None
Public ElasticSearch Clusters
AWS Managed Elasticsearch. Security Trails Amass + Findomain Passive Total Github query Github historical Valid DNS per source Percentage of Valid DNS
AWS Managed Elasticsearch authentication IAM Auth Open Basic Auth
AWS Managed Elasticsearch. Security Trails Amass + Findomain Passive Total Github query Github historical Open Public by Source Open Public Size of data by Source Amass + Findomain Security Trails Passive Total Github query 30% (1.5TB) 40% (2TB)
Closing Thoughts Take the shared responsibility model seriously, please! 󰚦 Find IAM resource policies that allow Principal "*" or equivalent. 😱 Use security tools to automatically detect and mitigate misconfigurations (i.e. CSPM, SecurityHub, AWS Config rules). 🤖 The dynamic nature of the cloud makes historical Github data obsolete. We spent US$ 250+ in Bigquery searches for almost no valid hits. 💸 Passive DNS has partial visibility of cloud infrastructure but it's a good source for hunting for AWS Managed resources. 󰗨
Questions ? @pr0teusbr fesposito@tenchisecurity.com

Recommended

MySQL Database Architectures - High Availability and Disaster Recovery Solution
MySQL Database Architectures - High Availability and Disaster Recovery SolutionMySQL Database Architectures - High Availability and Disaster Recovery Solution
MySQL Database Architectures - High Availability and Disaster Recovery SolutionMiguel Araújo
 
Application Logging Good Bad Ugly ... Beautiful?
Application Logging Good Bad Ugly ... Beautiful?Application Logging Good Bad Ugly ... Beautiful?
Application Logging Good Bad Ugly ... Beautiful?Anton Chuvakin
 
Troubleshooting Kerberos in Hadoop: Taming the Beast
Troubleshooting Kerberos in Hadoop: Taming the BeastTroubleshooting Kerberos in Hadoop: Taming the Beast
Troubleshooting Kerberos in Hadoop: Taming the BeastDataWorks Summit
 
Writing HTTP Middleware In Go
Writing HTTP Middleware In GoWriting HTTP Middleware In Go
Writing HTTP Middleware In GoShiju Varghese
 
Deep Dive on Amazon Aurora MySQL Performance Tuning (DAT429-R1) - AWS re:Inve...
Deep Dive on Amazon Aurora MySQL Performance Tuning (DAT429-R1) - AWS re:Inve...Deep Dive on Amazon Aurora MySQL Performance Tuning (DAT429-R1) - AWS re:Inve...
Deep Dive on Amazon Aurora MySQL Performance Tuning (DAT429-R1) - AWS re:Inve...Amazon Web Services
 
Identity management and single sign on - how much flexibility
Identity management and single sign on - how much flexibilityIdentity management and single sign on - how much flexibility
Identity management and single sign on - how much flexibilityRyan Dawson
 
Bitrise
BitriseBitrise
BitriseNarlei Moreira
 
Load Balancing with HAproxy
Load Balancing with HAproxyLoad Balancing with HAproxy
Load Balancing with HAproxyBrendan Jennings
 

Recommended

MySQL Database Architectures - High Availability and Disaster Recovery Solution
MySQL Database Architectures - High Availability and Disaster Recovery SolutionMySQL Database Architectures - High Availability and Disaster Recovery Solution
MySQL Database Architectures - High Availability and Disaster Recovery SolutionMiguel Araújo
 
Application Logging Good Bad Ugly ... Beautiful?
Application Logging Good Bad Ugly ... Beautiful?Application Logging Good Bad Ugly ... Beautiful?
Application Logging Good Bad Ugly ... Beautiful?Anton Chuvakin
 
Troubleshooting Kerberos in Hadoop: Taming the Beast
Troubleshooting Kerberos in Hadoop: Taming the BeastTroubleshooting Kerberos in Hadoop: Taming the Beast
Troubleshooting Kerberos in Hadoop: Taming the BeastDataWorks Summit
 
Writing HTTP Middleware In Go
Writing HTTP Middleware In GoWriting HTTP Middleware In Go
Writing HTTP Middleware In GoShiju Varghese
 
Deep Dive on Amazon Aurora MySQL Performance Tuning (DAT429-R1) - AWS re:Inve...
Deep Dive on Amazon Aurora MySQL Performance Tuning (DAT429-R1) - AWS re:Inve...Deep Dive on Amazon Aurora MySQL Performance Tuning (DAT429-R1) - AWS re:Inve...
Deep Dive on Amazon Aurora MySQL Performance Tuning (DAT429-R1) - AWS re:Inve...Amazon Web Services
 
Identity management and single sign on - how much flexibility
Identity management and single sign on - how much flexibilityIdentity management and single sign on - how much flexibility
Identity management and single sign on - how much flexibilityRyan Dawson
 
Bitrise
BitriseBitrise
BitriseNarlei Moreira
 
Load Balancing with HAproxy
Load Balancing with HAproxyLoad Balancing with HAproxy
Load Balancing with HAproxyBrendan Jennings
 
Monoliths and Microservices
Monoliths and Microservices Monoliths and Microservices
Monoliths and Microservices Bozhidar Bozhanov
 
RESTful Architecture
RESTful ArchitectureRESTful Architecture
RESTful ArchitectureKabir Baidya
 
ClickHouse Data Warehouse 101: The First Billion Rows, by Alexander Zaitsev a...
ClickHouse Data Warehouse 101: The First Billion Rows, by Alexander Zaitsev a...ClickHouse Data Warehouse 101: The First Billion Rows, by Alexander Zaitsev a...
ClickHouse Data Warehouse 101: The First Billion Rows, by Alexander Zaitsev a...Altinity Ltd
 
REST API
REST APIREST API
REST APITofazzal Ahmed
 
Redis persistence in practice
Redis persistence in practiceRedis persistence in practice
Redis persistence in practiceEugene Fidelin
 
Asp.net
Asp.net Asp.net
Asp.netDinesh kumar
 
An Introduction to Elastic Search.
An Introduction to Elastic Search.An Introduction to Elastic Search.
An Introduction to Elastic Search.Jurriaan Persyn
 
Restful web services ppt
Restful web services pptRestful web services ppt
Restful web services pptOECLIB Odisha Electronics Control Library
 
Solid principles
Solid principlesSolid principles
Solid principlesMonica Rodrigues
 
Introduction to MongoDB Enterprise
Introduction to MongoDB EnterpriseIntroduction to MongoDB Enterprise
Introduction to MongoDB EnterpriseMongoDB
 
The InnoDB Storage Engine for MySQL
The InnoDB Storage Engine for MySQLThe InnoDB Storage Engine for MySQL
The InnoDB Storage Engine for MySQLMorgan Tocker
 
Laravel Introduction
Laravel IntroductionLaravel Introduction
Laravel IntroductionAhmad Shah Hafizan Hamidin
 
01 oracle architecture
01 oracle architecture01 oracle architecture
01 oracle architectureSmitha Padmanabhan
 
Oracle Security Presentation
Oracle Security PresentationOracle Security Presentation
Oracle Security PresentationFrancisco Alvarez
 
[245] presto 내부구조 파헤치기
[245] presto 내부구조 파헤치기[245] presto 내부구조 파헤치기
[245] presto 내부구조 파헤치기NAVER D2
 
Rest api standards and best practices
Rest api standards and best practicesRest api standards and best practices
Rest api standards and best practicesAnkita Mahajan
 
MySQL Space Management
MySQL Space ManagementMySQL Space Management
MySQL Space ManagementMIJIN AN
 
Spring cloud for microservices architecture
Spring cloud for microservices architectureSpring cloud for microservices architecture
Spring cloud for microservices architectureIgor Khotin
 
Less05 storage
Less05 storageLess05 storage
Less05 storageImran Ali
 
How To Set Up SQL Load Balancing with HAProxy - Slides
How To Set Up SQL Load Balancing with HAProxy - SlidesHow To Set Up SQL Load Balancing with HAProxy - Slides
How To Set Up SQL Load Balancing with HAProxy - SlidesSeveralnines
 
Avoiding Friendly Fire in AWS
Avoiding Friendly Fire in AWSAvoiding Friendly Fire in AWS
Avoiding Friendly Fire in AWSDebHawk
 
Amazon GuardDuty Lab
Amazon GuardDuty LabAmazon GuardDuty Lab
Amazon GuardDuty LabAmazon Web Services
 

More Related Content

What's hot

Monoliths and Microservices
Monoliths and Microservices Monoliths and Microservices
Monoliths and Microservices Bozhidar Bozhanov
 
RESTful Architecture
RESTful ArchitectureRESTful Architecture
RESTful ArchitectureKabir Baidya
 
ClickHouse Data Warehouse 101: The First Billion Rows, by Alexander Zaitsev a...
ClickHouse Data Warehouse 101: The First Billion Rows, by Alexander Zaitsev a...ClickHouse Data Warehouse 101: The First Billion Rows, by Alexander Zaitsev a...
ClickHouse Data Warehouse 101: The First Billion Rows, by Alexander Zaitsev a...Altinity Ltd
 
Redis persistence in practice
Redis persistence in practiceRedis persistence in practice
Redis persistence in practiceEugene Fidelin
 
An Introduction to Elastic Search.
An Introduction to Elastic Search.An Introduction to Elastic Search.
An Introduction to Elastic Search.Jurriaan Persyn
 
Introduction to MongoDB Enterprise
Introduction to MongoDB EnterpriseIntroduction to MongoDB Enterprise
Introduction to MongoDB EnterpriseMongoDB
 
The InnoDB Storage Engine for MySQL
The InnoDB Storage Engine for MySQLThe InnoDB Storage Engine for MySQL
The InnoDB Storage Engine for MySQLMorgan Tocker
 
Oracle Security Presentation
Oracle Security PresentationOracle Security Presentation
Oracle Security PresentationFrancisco Alvarez
 
[245] presto 내부구조 파헤치기
[245] presto 내부구조 파헤치기[245] presto 내부구조 파헤치기
[245] presto 내부구조 파헤치기NAVER D2
 
Rest api standards and best practices
Rest api standards and best practicesRest api standards and best practices
Rest api standards and best practicesAnkita Mahajan
 
MySQL Space Management
MySQL Space ManagementMySQL Space Management
MySQL Space ManagementMIJIN AN
 
Spring cloud for microservices architecture
Spring cloud for microservices architectureSpring cloud for microservices architecture
Spring cloud for microservices architectureIgor Khotin
 
Less05 storage
Less05 storageLess05 storage
Less05 storageImran Ali
 
How To Set Up SQL Load Balancing with HAProxy - Slides
How To Set Up SQL Load Balancing with HAProxy - SlidesHow To Set Up SQL Load Balancing with HAProxy - Slides
How To Set Up SQL Load Balancing with HAProxy - SlidesSeveralnines
 

What's hot (20)

Monoliths and Microservices
Monoliths and Microservices Monoliths and Microservices
Monoliths and Microservices
 
RESTful Architecture
RESTful ArchitectureRESTful Architecture
RESTful Architecture
 
ClickHouse Data Warehouse 101: The First Billion Rows, by Alexander Zaitsev a...
ClickHouse Data Warehouse 101: The First Billion Rows, by Alexander Zaitsev a...ClickHouse Data Warehouse 101: The First Billion Rows, by Alexander Zaitsev a...
ClickHouse Data Warehouse 101: The First Billion Rows, by Alexander Zaitsev a...
 
REST API
REST APIREST API
REST API
 
Redis persistence in practice
Redis persistence in practiceRedis persistence in practice
Redis persistence in practice
 
Asp.net
Asp.net Asp.net
Asp.net
 
An Introduction to Elastic Search.
An Introduction to Elastic Search.An Introduction to Elastic Search.
An Introduction to Elastic Search.
 
Restful web services ppt
Restful web services pptRestful web services ppt
Restful web services ppt
 
Solid principles
Solid principlesSolid principles
Solid principles
 
Introduction to MongoDB Enterprise
Introduction to MongoDB EnterpriseIntroduction to MongoDB Enterprise
Introduction to MongoDB Enterprise
 
The InnoDB Storage Engine for MySQL
The InnoDB Storage Engine for MySQLThe InnoDB Storage Engine for MySQL
The InnoDB Storage Engine for MySQL
 
Laravel Introduction
Laravel IntroductionLaravel Introduction
Laravel Introduction
 
01 oracle architecture
01 oracle architecture01 oracle architecture
01 oracle architecture
 
Oracle Security Presentation
Oracle Security PresentationOracle Security Presentation
Oracle Security Presentation
 
[245] presto 내부구조 파헤치기
[245] presto 내부구조 파헤치기[245] presto 내부구조 파헤치기
[245] presto 내부구조 파헤치기
 
Rest api standards and best practices
Rest api standards and best practicesRest api standards and best practices
Rest api standards and best practices
 
MySQL Space Management
MySQL Space ManagementMySQL Space Management
MySQL Space Management
 
Spring cloud for microservices architecture
Spring cloud for microservices architectureSpring cloud for microservices architecture
Spring cloud for microservices architecture
 
Less05 storage
Less05 storageLess05 storage
Less05 storage
 
How To Set Up SQL Load Balancing with HAProxy - Slides
How To Set Up SQL Load Balancing with HAProxy - SlidesHow To Set Up SQL Load Balancing with HAProxy - Slides
How To Set Up SQL Load Balancing with HAProxy - Slides
 

Similar to Hunting for AWS Exposed Resources

Avoiding Friendly Fire in AWS
Avoiding Friendly Fire in AWSAvoiding Friendly Fire in AWS
Avoiding Friendly Fire in AWSDebHawk
 
Pwned Cloud Society - BsidesSLC 2017
Pwned Cloud Society - BsidesSLC 2017Pwned Cloud Society - BsidesSLC 2017
Pwned Cloud Society - BsidesSLC 2017Bryce Kunz
 
Secure Configuration and Automation Overview
Secure Configuration and Automation OverviewSecure Configuration and Automation Overview
Secure Configuration and Automation OverviewAmazon Web Services
 
A Practitioners Guide to Securing Your Cloud
A Practitioners Guide to Securing Your CloudA Practitioners Guide to Securing Your Cloud
A Practitioners Guide to Securing Your CloudAmazon Web Services
 
Aws primer Amazon Web Services
Aws primer Amazon Web ServicesAws primer Amazon Web Services
Aws primer Amazon Web ServicesMamun Rashid, CCDH
 
Customer Case Study: Land Registry as a Service in the Cloud - AWS PS Summit ...
Customer Case Study: Land Registry as a Service in the Cloud - AWS PS Summit ...Customer Case Study: Land Registry as a Service in the Cloud - AWS PS Summit ...
Customer Case Study: Land Registry as a Service in the Cloud - AWS PS Summit ...Amazon Web Services
 
Serverless computing with AWS Lambda
Serverless computing with AWS Lambda Serverless computing with AWS Lambda
Serverless computing with AWS Lambda Apigee | Google Cloud
 
A New Perspective on Resource-Level Cloud Forensics
A New Perspective on Resource-Level Cloud ForensicsA New Perspective on Resource-Level Cloud Forensics
A New Perspective on Resource-Level Cloud ForensicsChristopher Doman
 
Essential Capabilities of an IoT Cloud Platform - April 2017 AWS Online Tech ...
Essential Capabilities of an IoT Cloud Platform - April 2017 AWS Online Tech ...Essential Capabilities of an IoT Cloud Platform - April 2017 AWS Online Tech ...
Essential Capabilities of an IoT Cloud Platform - April 2017 AWS Online Tech ...Amazon Web Services
 
Aws Introduction, technology and $ sense
Aws Introduction, technology and $ senseAws Introduction, technology and $ sense
Aws Introduction, technology and $ senseSachin Dole
 
JavaScript & Cloud: the AWS JS SDK and how to work with cloud resources
JavaScript & Cloud: the AWS JS SDK and how to work with cloud resourcesJavaScript & Cloud: the AWS JS SDK and how to work with cloud resources
JavaScript & Cloud: the AWS JS SDK and how to work with cloud resourcesCorley S.r.l.
 
Continuous Deployment @ AWS Re:Invent
Continuous Deployment @ AWS Re:InventContinuous Deployment @ AWS Re:Invent
Continuous Deployment @ AWS Re:InventJohn Schneider
 
Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...
Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...
Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...Amazon Web Services
 
BigData: AWS RedShift with S3, EC2
BigData: AWS RedShift with S3, EC2BigData: AWS RedShift with S3, EC2
BigData: AWS RedShift with S3, EC2Paulraj Pappaiah
 
Essential Capabilities of an IoT Cloud Platform - AWS Online Tech Talks
Essential Capabilities of an IoT Cloud Platform - AWS Online Tech TalksEssential Capabilities of an IoT Cloud Platform - AWS Online Tech Talks
Essential Capabilities of an IoT Cloud Platform - AWS Online Tech TalksAmazon Web Services
 
AWS Cyber Security Best Practices
AWS Cyber Security Best PracticesAWS Cyber Security Best Practices
AWS Cyber Security Best PracticesDoiT International
 

Similar to Hunting for AWS Exposed Resources (20)

Avoiding Friendly Fire in AWS
Avoiding Friendly Fire in AWSAvoiding Friendly Fire in AWS
Avoiding Friendly Fire in AWS
 
Amazon GuardDuty Lab
Amazon GuardDuty LabAmazon GuardDuty Lab
Amazon GuardDuty Lab
 
Amazed by AWS Series #4
Amazed by AWS Series #4Amazed by AWS Series #4
Amazed by AWS Series #4
 
Jz 201 t
Jz 201 tJz 201 t
Jz 201 t
 
Pwned Cloud Society - BsidesSLC 2017
Pwned Cloud Society - BsidesSLC 2017Pwned Cloud Society - BsidesSLC 2017
Pwned Cloud Society - BsidesSLC 2017
 
Secure Configuration and Automation Overview
Secure Configuration and Automation OverviewSecure Configuration and Automation Overview
Secure Configuration and Automation Overview
 
GuardDuty Hands-on Lab
GuardDuty Hands-on LabGuardDuty Hands-on Lab
GuardDuty Hands-on Lab
 
A Practitioners Guide to Securing Your Cloud
A Practitioners Guide to Securing Your CloudA Practitioners Guide to Securing Your Cloud
A Practitioners Guide to Securing Your Cloud
 
Aws primer Amazon Web Services
Aws primer Amazon Web ServicesAws primer Amazon Web Services
Aws primer Amazon Web Services
 
Customer Case Study: Land Registry as a Service in the Cloud - AWS PS Summit ...
Customer Case Study: Land Registry as a Service in the Cloud - AWS PS Summit ...Customer Case Study: Land Registry as a Service in the Cloud - AWS PS Summit ...
Customer Case Study: Land Registry as a Service in the Cloud - AWS PS Summit ...
 
Serverless computing with AWS Lambda
Serverless computing with AWS Lambda Serverless computing with AWS Lambda
Serverless computing with AWS Lambda
 
A New Perspective on Resource-Level Cloud Forensics
A New Perspective on Resource-Level Cloud ForensicsA New Perspective on Resource-Level Cloud Forensics
A New Perspective on Resource-Level Cloud Forensics
 
Essential Capabilities of an IoT Cloud Platform - April 2017 AWS Online Tech ...
Essential Capabilities of an IoT Cloud Platform - April 2017 AWS Online Tech ...Essential Capabilities of an IoT Cloud Platform - April 2017 AWS Online Tech ...
Essential Capabilities of an IoT Cloud Platform - April 2017 AWS Online Tech ...
 
Aws Introduction, technology and $ sense
Aws Introduction, technology and $ senseAws Introduction, technology and $ sense
Aws Introduction, technology and $ sense
 
JavaScript & Cloud: the AWS JS SDK and how to work with cloud resources
JavaScript & Cloud: the AWS JS SDK and how to work with cloud resourcesJavaScript & Cloud: the AWS JS SDK and how to work with cloud resources
JavaScript & Cloud: the AWS JS SDK and how to work with cloud resources
 
Continuous Deployment @ AWS Re:Invent
Continuous Deployment @ AWS Re:InventContinuous Deployment @ AWS Re:Invent
Continuous Deployment @ AWS Re:Invent
 
Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...
Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...
Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...
 
BigData: AWS RedShift with S3, EC2
BigData: AWS RedShift with S3, EC2BigData: AWS RedShift with S3, EC2
BigData: AWS RedShift with S3, EC2
 
Essential Capabilities of an IoT Cloud Platform - AWS Online Tech Talks
Essential Capabilities of an IoT Cloud Platform - AWS Online Tech TalksEssential Capabilities of an IoT Cloud Platform - AWS Online Tech Talks
Essential Capabilities of an IoT Cloud Platform - AWS Online Tech Talks
 
AWS Cyber Security Best Practices
AWS Cyber Security Best PracticesAWS Cyber Security Best Practices
AWS Cyber Security Best Practices
 

More from Tenchi Security

us-east-1 Shuffle_ Lateral Movement and other Creative Steps Attackers Take i...
us-east-1 Shuffle_ Lateral Movement and other Creative Steps Attackers Take i...us-east-1 Shuffle_ Lateral Movement and other Creative Steps Attackers Take i...
us-east-1 Shuffle_ Lateral Movement and other Creative Steps Attackers Take i...Tenchi Security
 
Shopping for Vulnerabilities - How Cloud Service Provider Marketplaces can He...
Shopping for Vulnerabilities - How Cloud Service Provider Marketplaces can He...Shopping for Vulnerabilities - How Cloud Service Provider Marketplaces can He...
Shopping for Vulnerabilities - How Cloud Service Provider Marketplaces can He...Tenchi Security
 
The Fault in Our Stars - Attack Vectors for APIs Using Amazon API Gateway Lam...
The Fault in Our Stars - Attack Vectors for APIs Using Amazon API Gateway Lam...The Fault in Our Stars - Attack Vectors for APIs Using Amazon API Gateway Lam...
The Fault in Our Stars - Attack Vectors for APIs Using Amazon API Gateway Lam...Tenchi Security
 
Detecting AWS control plane abuse in an actionable way using Det{R}ails
Detecting AWS control plane abuse in an actionable way using Det{R}ailsDetecting AWS control plane abuse in an actionable way using Det{R}ails
Detecting AWS control plane abuse in an actionable way using Det{R}ailsTenchi Security
 
Aprendizados da Gestão de Riscos e Conformidade Regulatória de sua Organizaçã...
Aprendizados da Gestão de Riscos e Conformidade Regulatória de sua Organizaçã...Aprendizados da Gestão de Riscos e Conformidade Regulatória de sua Organizaçã...
Aprendizados da Gestão de Riscos e Conformidade Regulatória de sua Organizaçã...Tenchi Security
 
Mapeando problemas de privilégios no AWS IAM (Identity & Access Management)
Mapeando problemas de privilégios no AWS IAM (Identity & Access Management)Mapeando problemas de privilégios no AWS IAM (Identity & Access Management)
Mapeando problemas de privilégios no AWS IAM (Identity & Access Management)Tenchi Security
 
SaaSpocalypse - The Complexity and Power of AWS Cross Account Access
SaaSpocalypse - The Complexity and Power of AWS Cross Account AccessSaaSpocalypse - The Complexity and Power of AWS Cross Account Access
SaaSpocalypse - The Complexity and Power of AWS Cross Account AccessTenchi Security
 
Novos Paradigmas de Segurança com adoção de Nuvem (AWS)
Novos Paradigmas de Segurança com adoção de Nuvem (AWS)Novos Paradigmas de Segurança com adoção de Nuvem (AWS)
Novos Paradigmas de Segurança com adoção de Nuvem (AWS)Tenchi Security
 
Palestra Medindo seu nível de Visibilidade e Detecção usando ATT&CK e DeTT&CT
Palestra Medindo seu nível de Visibilidade e Detecção usando ATT&CK e DeTT&CTPalestra Medindo seu nível de Visibilidade e Detecção usando ATT&CK e DeTT&CT
Palestra Medindo seu nível de Visibilidade e Detecção usando ATT&CK e DeTT&CTTenchi Security
 
Introdução à Segurança de Containers e Kubernetes
Introdução à Segurança de Containers e KubernetesIntrodução à Segurança de Containers e Kubernetes
Introdução à Segurança de Containers e KubernetesTenchi Security
 
Webinar Segurança de DevOps
Webinar Segurança de DevOpsWebinar Segurança de DevOps
Webinar Segurança de DevOpsTenchi Security
 
Latinoware 2019 - Securing Clouds Wide Open
Latinoware 2019 - Securing Clouds Wide OpenLatinoware 2019 - Securing Clouds Wide Open
Latinoware 2019 - Securing Clouds Wide OpenTenchi Security
 

More from Tenchi Security (12)

us-east-1 Shuffle_ Lateral Movement and other Creative Steps Attackers Take i...
us-east-1 Shuffle_ Lateral Movement and other Creative Steps Attackers Take i...us-east-1 Shuffle_ Lateral Movement and other Creative Steps Attackers Take i...
us-east-1 Shuffle_ Lateral Movement and other Creative Steps Attackers Take i...
 
Shopping for Vulnerabilities - How Cloud Service Provider Marketplaces can He...
Shopping for Vulnerabilities - How Cloud Service Provider Marketplaces can He...Shopping for Vulnerabilities - How Cloud Service Provider Marketplaces can He...
Shopping for Vulnerabilities - How Cloud Service Provider Marketplaces can He...
 
The Fault in Our Stars - Attack Vectors for APIs Using Amazon API Gateway Lam...
The Fault in Our Stars - Attack Vectors for APIs Using Amazon API Gateway Lam...The Fault in Our Stars - Attack Vectors for APIs Using Amazon API Gateway Lam...
The Fault in Our Stars - Attack Vectors for APIs Using Amazon API Gateway Lam...
 
Detecting AWS control plane abuse in an actionable way using Det{R}ails
Detecting AWS control plane abuse in an actionable way using Det{R}ailsDetecting AWS control plane abuse in an actionable way using Det{R}ails
Detecting AWS control plane abuse in an actionable way using Det{R}ails
 
Aprendizados da Gestão de Riscos e Conformidade Regulatória de sua Organizaçã...
Aprendizados da Gestão de Riscos e Conformidade Regulatória de sua Organizaçã...Aprendizados da Gestão de Riscos e Conformidade Regulatória de sua Organizaçã...
Aprendizados da Gestão de Riscos e Conformidade Regulatória de sua Organizaçã...
 
Mapeando problemas de privilégios no AWS IAM (Identity & Access Management)
Mapeando problemas de privilégios no AWS IAM (Identity & Access Management)Mapeando problemas de privilégios no AWS IAM (Identity & Access Management)
Mapeando problemas de privilégios no AWS IAM (Identity & Access Management)
 
SaaSpocalypse - The Complexity and Power of AWS Cross Account Access
SaaSpocalypse - The Complexity and Power of AWS Cross Account AccessSaaSpocalypse - The Complexity and Power of AWS Cross Account Access
SaaSpocalypse - The Complexity and Power of AWS Cross Account Access
 
Novos Paradigmas de Segurança com adoção de Nuvem (AWS)
Novos Paradigmas de Segurança com adoção de Nuvem (AWS)Novos Paradigmas de Segurança com adoção de Nuvem (AWS)
Novos Paradigmas de Segurança com adoção de Nuvem (AWS)
 
Palestra Medindo seu nível de Visibilidade e Detecção usando ATT&CK e DeTT&CT
Palestra Medindo seu nível de Visibilidade e Detecção usando ATT&CK e DeTT&CTPalestra Medindo seu nível de Visibilidade e Detecção usando ATT&CK e DeTT&CT
Palestra Medindo seu nível de Visibilidade e Detecção usando ATT&CK e DeTT&CT
 
Introdução à Segurança de Containers e Kubernetes
Introdução à Segurança de Containers e KubernetesIntrodução à Segurança de Containers e Kubernetes
Introdução à Segurança de Containers e Kubernetes
 
Webinar Segurança de DevOps
Webinar Segurança de DevOpsWebinar Segurança de DevOps
Webinar Segurança de DevOps
 
Latinoware 2019 - Securing Clouds Wide Open
Latinoware 2019 - Securing Clouds Wide OpenLatinoware 2019 - Securing Clouds Wide Open
Latinoware 2019 - Securing Clouds Wide Open
 

Recently uploaded

How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetEnjoy Anytime
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 

Recently uploaded (20)

How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 

Hunting for AWS Exposed Resources