The greatest risk to data security in the public cloud is its own complexity and scale. Breach tactics remain, on the whole, mundane: bad actors simply take advantage of the labyrinth of identity structures within the public cloud infrastructure. The sheer number of interlocking entities, permissions, roles, and privileges in a modern enterprise cloud presents many opportunities for unintentional paths to data via compromised identities.
The best way to visualize this is to actually see it from a hackers perspective - so were doing this live in the cloud to show the most common paths to a data breach in AWS. Were using simple command-line arguments to compromise an identity in a typical s3 bucket and make our way to sensitive data. Well go through how bad actors can easily abuse concepts like: