Webinar

SANS Live Hack: Common Paths to Breach From 1 Compromised AWS Identity

Webinar Details

Date & Time: 03.02.2021

Type: On Demand

Presenter(s): Jeff Moncrief, Director of Sales Engineering at Sonrai Security
Dave Shackleford, Analyst, SANS Technology Institute

Watch Now

The greatest risk to data security in the public cloud is its own complexity and scale. Breach tactics remain, on the whole, mundane: bad actors simply take advantage of the labyrinth of identity structures within the public cloud infrastructure. The sheer number of interlocking entities, permissions, roles, and privileges in a modern enterprise cloud presents many opportunities for unintentional paths to data via compromised identities. SANS and AWS experts will walk you through a live data breach.

The best way to visualize this is to actually see it from a hackers perspective – so we’re doing this live in the cloud to show the most common paths to a data breach in AWS. We’re using simple command-line arguments to compromise an identity in a typical s3 bucket and make our way to sensitive data. We’ll go through how bad actors can easily abuse concepts like:

Privilege escalations
Trust relationships
Toxic identity combinations
Improper separation of duties

Watch this SANS AWS webinar to learn more.

Watch Now

SANS Live Hack: Common Paths to Breach From 1 Compromised AWS Identity

Share this entry