Preventing AWS Cryptomining Attacks at the Permission Layer

AWS recently disclosed an active cryptomining campaign exploiting compromised credentials to execute legitimate – but highly privileged – API calls. While most security tools detect these attacks after resources are deployed and costs are incurred, this webinar shows how they can be stopped before the first API call succeeds.

Join Sonrai Security for a live, technical walkthrough of the attack kill chain, and a real-time demonstration of how controlling privileged permissions prevents the attack entirely.

Date: Jan 7, 2026
Time: 1:00 PM ET
Duration: 45 Minutes

Meet Your Speakers

Nigel Sood

Cloud Privilege Threat Researcher

Sonrai Security

Eats new AWS Permissions for breakfast

Matt Carle

Head of Product

Sonrai Security

Obsessed with cloud security, when not rebuilding motorcycles

Register now

What You’ll See in This Webinar

Get insight into how to stop these and similar attacks with native AWS tools

1. Live Attack Simulation

Step-by-step dissection of the attack, including the exact AWS services and API calls abused, and the privileged permissions that enable resource theft, escalation, and persistence

2. The importance of unique, privileged permissions

Despite being broadly granted, these permissions are rarely used, high-impact, and disproportionately valuable to attackers

3. Why existing PAM & detection tools failed

Why the focus on known identities, nonspecific enforcement for each unique privilege, and post-hoc focus on ‘visibility’ handicap the ability to stop any IAM attack

4. How to prevent this via SCP and other policies

Strategies to eliminate standing privileges (and end the myopia on CVEs as the only entry point) while not breaking existing workloads or frustrating devs looking for privileged access

Watch our last session

New to our webinars? Check out our last session, Shift Left is a Dead End for Cloud Identity Security

Get exclusive SCP templating and policy generation strategies to stop this ongoing attack