Sonrai Security website logo for identity and data governance and cloud security

Live Hack: Common Paths to Breach from One Compromised AWS Identity

Go Back
Webinar Featured Image
On Demand
Presented By
Jeff Moncrief, Director of Sales Engineering at Sonrai Security
Dave Shackleford, a SANS analyst, senior instructor, course author, GIAC technical director and member of the board of directors for the SANS Technology Institute
Watch Now

The greatest risk to data security in the public cloud is its own complexity and scale. Breach tactics remain, on the whole, mundane: bad actors simply take advantage of the labyrinth of identity structures within the public cloud infrastructure. The sheer number of interlocking entities, permissions, roles, and privileges in a modern enterprise cloud presents many opportunities for unintentional paths to data via compromised identities.

The best way to visualize this is to actually see it from a hackers perspective - so were doing this live in the cloud to show the most common paths to a data breach in AWS. Were using simple command-line arguments to compromise an identity in a typical s3 bucket and make our way to sensitive data. Well go through how bad actors can easily abuse concepts like:

  • Privilege escalations
  • Trust relationships
  • Toxic identity combinations
  • Improper separation of duties

You Might Also Like

Webinar Featured Image
Webinar Image 2
Webinar Image 3
magnifier