~ 3 min read

Hunting for AWS Exposed Resources

Misconfigured cloud services exposed to the internet is a very common security issue. This video talks about how exposed AWS resources can be discovered and some interesting insights from the speaker Felipe Proteus indicating the importance of securing your cloud resources.

Introduction

โ€

Cloud adoption is on the rise, but since this move from on-premise to cloud is fairly recent, everyone is still learning and exploring the new ways of implementing infrastructures and utilising cloud services. This means it is very common to find misconfigured cloud resources open to the internet even when they are not intended. 

In this video, Felipe Proteus shares how attackers are able to hunt for AWS resources exposed to the internet. Felipe is a security researcher with more than 10 years of experience, primarily working in the area of security monitoring, networking, data visualisation, and threat hunting. He actively participates and presents in various security events and conferences.

This video is part of the tech talks presented at Cloud Village. Cloud Village is an open space dedicated for people interested in cloud security and conducts various activities like talks, workshops, CTFs, and discussions around cloud. 

โ€

What to expect from this video

โ€

Following topics have been covered in this video:

  1. Overview of AWS shared responsibility model
  2. Tools and techniques for finding exposed cloud resources
  3. Commonly misconfigured AWS services that can be found on the internet.

โ€

It covers following services:

  1. Amazon DocumentDB
  2. Amazon MQ
  3. Amazon CloudSearch
  4. Amazon SQS
  5. Amazon RedShift
  6. AWS Managed Elasticsearch

โ€

โ€

Key Takeaways

โ€

S3 buckets get a lot of attention when it comes to data leaks and breaches in the cloud due to misconfigurations and oversight. However, in this video, the speaker introduces us to 6 less commonly discussed services which can also be discovered on the internet when misconfigured. The information and insights shared in this video are helpful for anyone who is responsible for managing and securing their cloud infrastructure.

This video provides an overview of the AWS shared responsibility model (which is important to understand for anyone using cloud services) and a bunch of tools and techniques that can be used to discover exposed resources. The speaker takes us through 6 AWS services and discusses how misconfigurations can leave these services exposed to the world. The speaker also shares interesting insights that he gained while exploring such exposed resources on the internet which sheds light on the importance of regularly following security best practices for timely detection and mitigation of misconfigurations in the cloud resources before the attackers find them.

โ€

***

โ€

This article is brought to you by Kloudle Academy, a free e-resource compilation, created and curated by Kloudle. Kloudle is a cloud security management platform that uses the power of automation and simplifies human requirements in cloud security. Receive alerts for Academy by subscribing here.

;