Cloud adoption is on the rise, but since this move from on-premise to cloud is fairly recent, everyone is still learning and exploring the new ways of implementing infrastructures and utilising cloud services. This means it is very common to find misconfigured cloud resources open to the internet even when they are not intended.
In this video, Felipe Pr0teus shares how attackers are able to hunt for AWS resources exposed to the internet. Felipe is a security researcher with more than 10 years of experience, primarily working in the area of security monitoring, networking, data visualisation, and threat hunting. He actively participates and presents in various security events and conferences.
This video is part of the tech talks presented at Cloud Village. Cloud Village is an open space dedicated for people interested in cloud security and conducts various activities like talks, workshops, CTFs, and discussions around cloud.
What to expect from this video
Following topics have been covered in this video:
- Overview of AWS shared responsibility model
- Tools and techniques for finding exposed cloud resources
- Commonly misconfigured AWS services that can be found on the internet. It covers following services:
- Amazon DocumentDB
- Amazon MQ
- Amazon CloudSearch
- Amazon SQS
- Amazon RedShift
- AWS Managed Elasticsearch
S3 buckets get a lot of attention when it comes to data leaks and breaches in the cloud due to misconfigurations and oversight. However, in this video, the speaker introduces us to 6 less commonly discussed services which can also be discovered on the internet when misconfigured. The information and insights shared in this video are helpful for anyone who is responsible for managing and securing their cloud infrastructure.
This video provides an overview of the AWS shared responsibility model (which is important to understand for anyone using cloud services) and a bunch of tools and techniques that can be used to discover exposed resources. The speaker takes us through 6 AWS services and discusses how misconfigurations can leave these services exposed to the world. The speaker also shares interesting insights that he gained while exploring such exposed resources on the internet which sheds light on the importance of regularly following security best practices for timely detection and mitigation of misconfigurations in the cloud resources before the attackers find them.