Security measures against SSRF attacks for AWS EC2 instances
In this article you will learn about some preemptive security measures that can be implemented for AWS EC2 instances against SSRF attacks.
Tag: aws
-
![In this article you will learn about some preemptive security measures that can be implemented for AWS EC2 instances against SSRF attacks.]()
-
![The AWS RDS service, by default, does not enable secure transport layer security, allowing clients to connect insecurely if they want to. This is a blogpost to look at its discovery, why this is a problem and what you can possibly do to mitigate it.]()
AWS RDS does not force clients to connect using a secure transport layer
The AWS RDS service, by default, does not enable secure transport layer security, allowing clients to connect insecurely if they want to. This is a blogpost to look at its discovery, why this is a problem and what you can possibly do to mitigate it.
-
![AWS EC2 is one of the most popular and widely used services from AWS. With a variety of options available to tailor the EC2 instances as per one’s requirements, it also poses a risk of introducing security gaps in the form of misconfigurations or insecure defaults. In this article we discuss some of the ways that can help configure our EC2 instances securely.]()
How to securely configure an AWS EC2 instance
AWS EC2 is one of the most popular and widely used services from AWS. With a variety of options available to tailor the EC2 instances as per one’s requirements, it also poses a risk of introducing security gaps in the form of misconfigurations or insecure defaults. In this article we discuss some of the ways that can help configure our EC2 instances securely.
-
![The AWS WAF and Shield service can be used to protect web applications against a lot of different types of attacks. However, it has a limitation on the size of the packet that it can inspect that could result in attackers being able to bypass its protection features.]()
Bypassing the AWS WAF protection with an 8KB bullet
The AWS WAF and Shield service can be used to protect web applications against a lot of different types of attacks. However, it has a limitation on the size of the packet that it can inspect that could result in attackers being able to bypass its protection features.
-
![A step by step guide to show how a security audit of AWS IAM can be performed to identify users attributes like unrotated keys, IAM password policies, access and much more.]()
How to perform an IAM Security Audit in AWS
A step by step guide to show how a security audit of AWS IAM can be performed to identify users attributes like unrotated keys, IAM password policies, access and much more.
-
![AWS recently added default transparent server side encryption to every object in S3. This post shows how the APIs and SDK do not reflect the supposed reality of Server Side Encryption.]()
AWS S3 Default Server Side Encryption - Detection and Support
AWS recently added default transparent server side encryption to every object in S3. This post shows how the APIs and SDK do not reflect the supposed reality of Server Side Encryption.
