SlideShare une entreprise Scribd logo

Attacking AWS: the full cyber kill chain

SecuRing
SecuRing

While it is quite common practice to do periodic security assessments of your local network, it is really rare to find a company who puts the same effort for testing the security in their cloud. We have to understand what new threats and risks appeared with the cloud and how should we change our attitude to testing cloud security. The goal of my presentation is to show how security assessment of cloud infrastructure it is different from testing environments in classic architecture. I'll demonstrate a hypothetical attack on a company which is fully deployed in the AWS environment. I’m going to show the whole kill chain starting from presenting cloud-applicable reconnaissance techniques. Then I’ll attack the web application server hosted on EC2 instance to access its metadata. Using the assigned role, I’ll access another AWS EC2 instance to escalate privileges to the administrator and then present how to hide fingerprints in CloudTrail service. Finally, I’ll demonstrate various techniques of silent exfiltrating data from AWS environment, setting up persistent access and describe another potential, cloud-specific threats, e.g. cryptojacking or ransomware in the cloud. The presentation shows practical aspects of attacking cloud services and each step of the kill chain will be presented in a form of an interactive, live demo. On the examples of presented attacks, I’ll show how to use AWS exploitation framework Pacu and other handy scripts.

Logiciels
1  sur  51
Télécharger pour lire hors ligne
Attacking AWS: the full cyber kill chain Pawel Rzepa (pawel.rzepa@securing.pl)
IDS SIEM DLP Firewall - Is it safe? - F@#ck it, deploy! Cloud environment
www.securing.biz source: https://github.blog/2019-08-19-github-token-scanning-one-billion-tokens-identified-and-five-new-partners/
www.securing.biz source: https://technodrone.blogspot.com/2019/03/the-anatomy-of-aws-key-leak-to-public.html Commit including AWS keys Amazon notifies about the leak First attempt to use leaked keys 0 55 sec 122 sec
www.securing.biz #whoami • Senior Security Consultant in - Pentesting - Cloud security assessment • Blog: https://medium.com/@rzepsky • Twitter: @Rzepsky
The story www.securing.biz
www.securing.biz
www.securing.biz
www.securing.biz source: https://media.images.yourquote.in/post/large/0/0/12/20/x95x3598.jpg
www.securing.biz
What is metadata? • Data about your instance • It's a link-local address, accessible ONLY from your instance! • May include access keys to Instance Profile: www.securing.biz http://169.254.169.254/latest/meta-data/iam/security-credentials/ http://169.254.169.254/latest/meta-data/
Dark side of the story www.securing.biz
www.securing.biz Somewhere in the other end of the Internet...
Demo: https://vimeo.com/363518570 www.securing.biz Domainanalytics.org - intro
Identify the IP owner www.securing.biz Public AWS IP ranges: https://amzn.to/2EbvP0J Or use AWS EC2 reachability test: https://bit.ly/30274Ag
Demo: https://vimeo.com/363519636 www.securing.biz Exploiting SSRF to get metadata
www.securing.biz port 80 from 0.0.0.0/0 ec2_role SSRF
The real story… www.securing.biz Source: https://bit.ly/2mhhvRb
www.securing.biz
Demo: https://vimeo.com/334856214 www.securing.biz Pacu intro
Bruteforce permissions www.securing.biz
Enumerate, enumerate, enumerate! Pacu (Domain Analytics:ec2_pivot) > run ec2__enum (...) Pacu (Domain Analytics:ec2_pivot) > data EC2 (...) VS www.securing.biz
There's a stopped instance (i-08d6cf0eaf210a552) with instance-profile/admin attached! www.securing.biz What can we find out there?
www.securing.biz port 80 from 0.0.0.0/0 ec2_role admin SSRF
www.securing.biz Modified User Data
www.securing.biz Port 80 from 0.0.0.0/0 SSRF admin User Data reverse shell getting administrator access ec2_role
Demo: https://vimeo.com/334856098 www.securing.biz Privilege escalation
Staying under the hoodStaying under the hood
CloudTrail by default monitors all regions
CloudTrail: ways to hide your fingerprints
www.securing.biz Disrupt monitoring services
www.securing.biz Minimize monitoring services
www.securing.biz Minimize monitoring services
Persist access • Bind shell in User Data with backdoor in Security Groups • Lambda backdoor which creates IAM user when specific CloudWatch Event occurs • Backdoor via cross-account Trust Policy • Add extra keys to existing user www.securing.biz
www.securing.biz Without monitoring it’s hard to detect a 2nd key pair… even for legit administrator ! Demo: https://vimeo.com/334856167
www.securing.biz The real story… Source: https://bit.ly/30qQo5c
Let's switch perspective to the blue team www.securing.biz
www.securing.biz Mitigation: dynamically lock role’s credentials More: https://bit.ly/2HFJYtk
www.securing.biz Mitigation: separate access to logs AWS Organizations
www.securing.biz Mitigation: follow the AWS CIS Foundations Benchmark Source: https://bit.ly/2lP8fnb
Mitigation: aggregate security events www.securing.biz Source: https://bit.ly/2kPhYtp
How to detect all security issues? www.securing.biz
• Are there any extra, undocumented resources? • Is the system architecture free from design flaws? Cloud security assessment: architecture review www.securing.biz
Cloud security assessment: configuration review • Are all cloud services configured in compliance with best practices? www.securing.biz
• Are your applications free from vulnerabilities like RCE/SSRF/XXE etc.? • Is the Serverless code secure (e.g. free from "event injections")? Cloud security assessment: pentesting sensitive services www.securing.biz
• Do you monitor sensitive actions? • Do you have defined incident response procedure? Cloud security assessment: verifying monitoring processes www.securing.biz
Audit your cloud infrastructure Harden it. Repeat. www.securing.biz
7-Step Guide to SecuRing your AWS Kingdom www.securing.biz https://bit.ly/2EN7yAs
KrkAnalytica CTF www.securing.biz https://bit.ly/2ZFF9Gh
If so, contact me on: pawel.rzepa@securing.pl Do you have any questions? Could you give me any feedback?

Recommandé

I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...
I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...
I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...DirkjanMollema
 
Api security-testing
Api security-testingApi security-testing
Api security-testingn|u - The Open Security Community
 
XXE Exposed: SQLi, XSS, XXE and XEE against Web Services
XXE Exposed: SQLi, XSS, XXE and XEE against Web ServicesXXE Exposed: SQLi, XSS, XXE and XEE against Web Services
XXE Exposed: SQLi, XSS, XXE and XEE against Web ServicesAbraham Aranguren
 
XSS - Do you know EVERYTHING?
XSS - Do you know EVERYTHING?XSS - Do you know EVERYTHING?
XSS - Do you know EVERYTHING?Yurii Bilyk
 
Building Advanced XSS Vectors
Building Advanced XSS VectorsBuilding Advanced XSS Vectors
Building Advanced XSS VectorsRodolfo Assis (Brute)
 
Hacking Adobe Experience Manager sites
Hacking Adobe Experience Manager sitesHacking Adobe Experience Manager sites
Hacking Adobe Experience Manager sitesMikhail Egorov
 
OWASP API Security Top 10 - API World
OWASP API Security Top 10 - API WorldOWASP API Security Top 10 - API World
OWASP API Security Top 10 - API World42Crunch
 
Welcome to the Jungle: Pentesting AWS
Welcome to the Jungle: Pentesting AWSWelcome to the Jungle: Pentesting AWS
Welcome to the Jungle: Pentesting AWSMike Felch
 

Recommandé

I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...
I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...
I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...DirkjanMollema
 
Api security-testing
Api security-testingApi security-testing
Api security-testingn|u - The Open Security Community
 
XXE Exposed: SQLi, XSS, XXE and XEE against Web Services
XXE Exposed: SQLi, XSS, XXE and XEE against Web ServicesXXE Exposed: SQLi, XSS, XXE and XEE against Web Services
XXE Exposed: SQLi, XSS, XXE and XEE against Web ServicesAbraham Aranguren
 
XSS - Do you know EVERYTHING?
XSS - Do you know EVERYTHING?XSS - Do you know EVERYTHING?
XSS - Do you know EVERYTHING?Yurii Bilyk
 
Building Advanced XSS Vectors
Building Advanced XSS VectorsBuilding Advanced XSS Vectors
Building Advanced XSS VectorsRodolfo Assis (Brute)
 
Hacking Adobe Experience Manager sites
Hacking Adobe Experience Manager sitesHacking Adobe Experience Manager sites
Hacking Adobe Experience Manager sitesMikhail Egorov
 
OWASP API Security Top 10 - API World
OWASP API Security Top 10 - API WorldOWASP API Security Top 10 - API World
OWASP API Security Top 10 - API World42Crunch
 
Welcome to the Jungle: Pentesting AWS
Welcome to the Jungle: Pentesting AWSWelcome to the Jungle: Pentesting AWS
Welcome to the Jungle: Pentesting AWSMike Felch
 
Deep Dive on Amazon RDS (Relational Database Service)
Deep Dive on Amazon RDS (Relational Database Service)Deep Dive on Amazon RDS (Relational Database Service)
Deep Dive on Amazon RDS (Relational Database Service)Amazon Web Services
 
Kubernetes Security
Kubernetes SecurityKubernetes Security
Kubernetes SecurityKarthik Gaekwad
 
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016Frans Rosén
 
A5: Security Misconfiguration
A5: Security Misconfiguration A5: Security Misconfiguration
A5: Security Misconfiguration Tariq Islam
 
Cross Site Request Forgery Vulnerabilities
Cross Site Request Forgery VulnerabilitiesCross Site Request Forgery Vulnerabilities
Cross Site Request Forgery VulnerabilitiesMarco Morana
 
Intro to Pentesting Jenkins
Intro to Pentesting JenkinsIntro to Pentesting Jenkins
Intro to Pentesting JenkinsBrian Hysell
 
Hunting for security bugs in AEM webapps
Hunting for security bugs in AEM webappsHunting for security bugs in AEM webapps
Hunting for security bugs in AEM webappsMikhail Egorov
 
Lightweight static code analysis with semgrep
Lightweight static code analysis with semgrepLightweight static code analysis with semgrep
Lightweight static code analysis with semgrepNull Bhubaneswar
 
Deep dive ECS & Fargate Deep Dive
Deep dive ECS & Fargate Deep DiveDeep dive ECS & Fargate Deep Dive
Deep dive ECS & Fargate Deep DiveAmazon Web Services
 
Derbycon - The Unintended Risks of Trusting Active Directory
Derbycon - The Unintended Risks of Trusting Active DirectoryDerbycon - The Unintended Risks of Trusting Active Directory
Derbycon - The Unintended Risks of Trusting Active DirectoryWill Schroeder
 
AWS Security Hub
AWS Security HubAWS Security Hub
AWS Security HubCrishantha Nanayakkara
 
AWS Security by Design
AWS Security by Design AWS Security by Design
AWS Security by Design Amazon Web Services
 
A story of the passive aggressive sysadmin of AEM
A story of the passive aggressive sysadmin of AEMA story of the passive aggressive sysadmin of AEM
A story of the passive aggressive sysadmin of AEMFrans Rosén
 
Infrastructure Security: Your Minimum Security Baseline
Infrastructure Security: Your Minimum Security BaselineInfrastructure Security: Your Minimum Security Baseline
Infrastructure Security: Your Minimum Security BaselineAmazon Web Services
 
AEM hacker - approaching Adobe Experience Manager webapps in bug bounty programs
AEM hacker - approaching Adobe Experience Manager webapps in bug bounty programsAEM hacker - approaching Adobe Experience Manager webapps in bug bounty programs
AEM hacker - approaching Adobe Experience Manager webapps in bug bounty programsMikhail Egorov
 
Amazon EKS - Elastic Container Service for Kubernetes
Amazon EKS - Elastic Container Service for KubernetesAmazon EKS - Elastic Container Service for Kubernetes
Amazon EKS - Elastic Container Service for KubernetesAmazon Web Services
 
The AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeThe AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeAmazon Web Services
 
security misconfigurations
security misconfigurationssecurity misconfigurations
security misconfigurationsMegha Sahu
 
The AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeThe AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeAmazon Web Services
 
Cross Site Scripting (XSS)
Cross Site Scripting (XSS)Cross Site Scripting (XSS)
Cross Site Scripting (XSS)Barrel Software
 
PLNOG23 - Paweł Rzepa - Attacking AWS: the full cyber kill chain
PLNOG23 - Paweł Rzepa - Attacking AWS: the full cyber kill chainPLNOG23 - Paweł Rzepa - Attacking AWS: the full cyber kill chain
PLNOG23 - Paweł Rzepa - Attacking AWS: the full cyber kill chainPROIDEA
 
[Wroclaw #7] AWS (in)security - the devil is in the detail
[Wroclaw #7] AWS (in)security - the devil is in the detail[Wroclaw #7] AWS (in)security - the devil is in the detail
[Wroclaw #7] AWS (in)security - the devil is in the detailOWASP
 

Contenu connexe

Tendances

Deep Dive on Amazon RDS (Relational Database Service)
Deep Dive on Amazon RDS (Relational Database Service)Deep Dive on Amazon RDS (Relational Database Service)
Deep Dive on Amazon RDS (Relational Database Service)Amazon Web Services
 
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016Frans Rosén
 
A5: Security Misconfiguration
A5: Security Misconfiguration A5: Security Misconfiguration
A5: Security Misconfiguration Tariq Islam
 
Cross Site Request Forgery Vulnerabilities
Cross Site Request Forgery VulnerabilitiesCross Site Request Forgery Vulnerabilities
Cross Site Request Forgery VulnerabilitiesMarco Morana
 
Intro to Pentesting Jenkins
Intro to Pentesting JenkinsIntro to Pentesting Jenkins
Intro to Pentesting JenkinsBrian Hysell
 
Hunting for security bugs in AEM webapps
Hunting for security bugs in AEM webappsHunting for security bugs in AEM webapps
Hunting for security bugs in AEM webappsMikhail Egorov
 
Lightweight static code analysis with semgrep
Lightweight static code analysis with semgrepLightweight static code analysis with semgrep
Lightweight static code analysis with semgrepNull Bhubaneswar
 
Deep dive ECS & Fargate Deep Dive
Deep dive ECS & Fargate Deep DiveDeep dive ECS & Fargate Deep Dive
Deep dive ECS & Fargate Deep DiveAmazon Web Services
 
Derbycon - The Unintended Risks of Trusting Active Directory
Derbycon - The Unintended Risks of Trusting Active DirectoryDerbycon - The Unintended Risks of Trusting Active Directory
Derbycon - The Unintended Risks of Trusting Active DirectoryWill Schroeder
 
A story of the passive aggressive sysadmin of AEM
A story of the passive aggressive sysadmin of AEMA story of the passive aggressive sysadmin of AEM
A story of the passive aggressive sysadmin of AEMFrans Rosén
 
Infrastructure Security: Your Minimum Security Baseline
Infrastructure Security: Your Minimum Security BaselineInfrastructure Security: Your Minimum Security Baseline
Infrastructure Security: Your Minimum Security BaselineAmazon Web Services
 
AEM hacker - approaching Adobe Experience Manager webapps in bug bounty programs
AEM hacker - approaching Adobe Experience Manager webapps in bug bounty programsAEM hacker - approaching Adobe Experience Manager webapps in bug bounty programs
AEM hacker - approaching Adobe Experience Manager webapps in bug bounty programsMikhail Egorov
 
Amazon EKS - Elastic Container Service for Kubernetes
Amazon EKS - Elastic Container Service for KubernetesAmazon EKS - Elastic Container Service for Kubernetes
Amazon EKS - Elastic Container Service for KubernetesAmazon Web Services
 
The AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeThe AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeAmazon Web Services
 
security misconfigurations
security misconfigurationssecurity misconfigurations
security misconfigurationsMegha Sahu
 
The AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeThe AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeAmazon Web Services
 
Cross Site Scripting (XSS)
Cross Site Scripting (XSS)Cross Site Scripting (XSS)
Cross Site Scripting (XSS)Barrel Software
 

Tendances (20)

Deep Dive on Amazon RDS (Relational Database Service)
Deep Dive on Amazon RDS (Relational Database Service)Deep Dive on Amazon RDS (Relational Database Service)
Deep Dive on Amazon RDS (Relational Database Service)
 
Kubernetes Security
Kubernetes SecurityKubernetes Security
Kubernetes Security
 
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
 
A5: Security Misconfiguration
A5: Security Misconfiguration A5: Security Misconfiguration
A5: Security Misconfiguration
 
Cross Site Request Forgery Vulnerabilities
Cross Site Request Forgery VulnerabilitiesCross Site Request Forgery Vulnerabilities
Cross Site Request Forgery Vulnerabilities
 
Intro to Pentesting Jenkins
Intro to Pentesting JenkinsIntro to Pentesting Jenkins
Intro to Pentesting Jenkins
 
Hunting for security bugs in AEM webapps
Hunting for security bugs in AEM webappsHunting for security bugs in AEM webapps
Hunting for security bugs in AEM webapps
 
Lightweight static code analysis with semgrep
Lightweight static code analysis with semgrepLightweight static code analysis with semgrep
Lightweight static code analysis with semgrep
 
Deep dive ECS & Fargate Deep Dive
Deep dive ECS & Fargate Deep DiveDeep dive ECS & Fargate Deep Dive
Deep dive ECS & Fargate Deep Dive
 
Derbycon - The Unintended Risks of Trusting Active Directory
Derbycon - The Unintended Risks of Trusting Active DirectoryDerbycon - The Unintended Risks of Trusting Active Directory
Derbycon - The Unintended Risks of Trusting Active Directory
 
AWS Security Hub
AWS Security HubAWS Security Hub
AWS Security Hub
 
AWS Security by Design
AWS Security by Design AWS Security by Design
AWS Security by Design
 
A story of the passive aggressive sysadmin of AEM
A story of the passive aggressive sysadmin of AEMA story of the passive aggressive sysadmin of AEM
A story of the passive aggressive sysadmin of AEM
 
Infrastructure Security: Your Minimum Security Baseline
Infrastructure Security: Your Minimum Security BaselineInfrastructure Security: Your Minimum Security Baseline
Infrastructure Security: Your Minimum Security Baseline
 
AEM hacker - approaching Adobe Experience Manager webapps in bug bounty programs
AEM hacker - approaching Adobe Experience Manager webapps in bug bounty programsAEM hacker - approaching Adobe Experience Manager webapps in bug bounty programs
AEM hacker - approaching Adobe Experience Manager webapps in bug bounty programs
 
Amazon EKS - Elastic Container Service for Kubernetes
Amazon EKS - Elastic Container Service for KubernetesAmazon EKS - Elastic Container Service for Kubernetes
Amazon EKS - Elastic Container Service for Kubernetes
 
The AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeThe AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in Practice
 
security misconfigurations
security misconfigurationssecurity misconfigurations
security misconfigurations
 
The AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeThe AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in Practice
 
Cross Site Scripting (XSS)
Cross Site Scripting (XSS)Cross Site Scripting (XSS)
Cross Site Scripting (XSS)
 

Similaire à Attacking AWS: the full cyber kill chain

PLNOG23 - Paweł Rzepa - Attacking AWS: the full cyber kill chain
PLNOG23 - Paweł Rzepa - Attacking AWS: the full cyber kill chainPLNOG23 - Paweł Rzepa - Attacking AWS: the full cyber kill chain
PLNOG23 - Paweł Rzepa - Attacking AWS: the full cyber kill chainPROIDEA
 
[Wroclaw #7] AWS (in)security - the devil is in the detail
[Wroclaw #7] AWS (in)security - the devil is in the detail[Wroclaw #7] AWS (in)security - the devil is in the detail
[Wroclaw #7] AWS (in)security - the devil is in the detailOWASP
 
LASCON 2016 - It's 10PM Do You Know Where Your Access Keys Are?
LASCON 2016 - It's 10PM Do You Know Where Your Access Keys Are?LASCON 2016 - It's 10PM Do You Know Where Your Access Keys Are?
LASCON 2016 - It's 10PM Do You Know Where Your Access Keys Are?Ken Johnson
 
Core strategies to develop defense in depth in AWS
Core strategies to develop defense in depth in AWSCore strategies to develop defense in depth in AWS
Core strategies to develop defense in depth in AWSShane Peden
 
Avoiding Friendly Fire in AWS
Avoiding Friendly Fire in AWSAvoiding Friendly Fire in AWS
Avoiding Friendly Fire in AWSDebHawk
 
AWS re:Invent 2016: 5 Security Automation Improvements You Can Make by Using ...
AWS re:Invent 2016: 5 Security Automation Improvements You Can Make by Using ...AWS re:Invent 2016: 5 Security Automation Improvements You Can Make by Using ...
AWS re:Invent 2016: 5 Security Automation Improvements You Can Make by Using ...Amazon Web Services
 
SEC309 Secure Your Cloud Investment: Mastering AWS Identity Access Management...
SEC309 Secure Your Cloud Investment: Mastering AWS Identity Access Management...SEC309 Secure Your Cloud Investment: Mastering AWS Identity Access Management...
SEC309 Secure Your Cloud Investment: Mastering AWS Identity Access Management...Amazon Web Services
 
In the Cloud, nobody can hear you scream: AWS Cloud Security for DevOps
In the Cloud, nobody can hear you scream: AWS Cloud Security for DevOpsIn the Cloud, nobody can hear you scream: AWS Cloud Security for DevOps
In the Cloud, nobody can hear you scream: AWS Cloud Security for DevOpsGarth Boyd
 
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014Amazon Web Services
 
Lock That Sh*t Down! Auth Security Patterns for Apps, APIs, and Infra - Devne...
Lock That Sh*t Down! Auth Security Patterns for Apps, APIs, and Infra - Devne...Lock That Sh*t Down! Auth Security Patterns for Apps, APIs, and Infra - Devne...
Lock That Sh*t Down! Auth Security Patterns for Apps, APIs, and Infra - Devne...Matt Raible
 
Bsidesnova- Pentesting Methodology - Making bits less complicated
Bsidesnova- Pentesting Methodology - Making bits less complicatedBsidesnova- Pentesting Methodology - Making bits less complicated
Bsidesnova- Pentesting Methodology - Making bits less complicatedOctavio Paguaga
 
AWS re:Invent 2016: IoT Security: The New Frontiers (IOT302)
AWS re:Invent 2016: IoT Security: The New Frontiers (IOT302)AWS re:Invent 2016: IoT Security: The New Frontiers (IOT302)
AWS re:Invent 2016: IoT Security: The New Frontiers (IOT302)Amazon Web Services
 
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Joker...
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Joker...Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Joker...
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Joker...Matt Raible
 
Alabama CyberNow 2018: Cloud Hardening and Digital Forensics Readiness
Alabama CyberNow 2018: Cloud Hardening and Digital Forensics ReadinessAlabama CyberNow 2018: Cloud Hardening and Digital Forensics Readiness
Alabama CyberNow 2018: Cloud Hardening and Digital Forensics ReadinessToni de la Fuente
 
Lock That Sh*t Down! Auth Security Patterns for Apps, APIs, and Infra
Lock That Sh*t Down! Auth Security Patterns for Apps, APIs, and InfraLock That Sh*t Down! Auth Security Patterns for Apps, APIs, and Infra
Lock That Sh*t Down! Auth Security Patterns for Apps, APIs, and InfraVMware Tanzu
 
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...Matt Raible
 
It's 10pm, Do You Know Where Your Access Keys Are?
It's 10pm, Do You Know Where Your Access Keys Are?It's 10pm, Do You Know Where Your Access Keys Are?
It's 10pm, Do You Know Where Your Access Keys Are?Ken Johnson
 
AWS Leeds Meetup - How do you manage secure access to AWS in an ever-increasi...
AWS Leeds Meetup - How do you manage secure access to AWS in an ever-increasi...AWS Leeds Meetup - How do you manage secure access to AWS in an ever-increasi...
AWS Leeds Meetup - How do you manage secure access to AWS in an ever-increasi...Andrew Backhouse
 

Similaire à Attacking AWS: the full cyber kill chain (20)

PLNOG23 - Paweł Rzepa - Attacking AWS: the full cyber kill chain
PLNOG23 - Paweł Rzepa - Attacking AWS: the full cyber kill chainPLNOG23 - Paweł Rzepa - Attacking AWS: the full cyber kill chain
PLNOG23 - Paweł Rzepa - Attacking AWS: the full cyber kill chain
 
[Wroclaw #7] AWS (in)security - the devil is in the detail
[Wroclaw #7] AWS (in)security - the devil is in the detail[Wroclaw #7] AWS (in)security - the devil is in the detail
[Wroclaw #7] AWS (in)security - the devil is in the detail
 
LASCON 2016 - It's 10PM Do You Know Where Your Access Keys Are?
LASCON 2016 - It's 10PM Do You Know Where Your Access Keys Are?LASCON 2016 - It's 10PM Do You Know Where Your Access Keys Are?
LASCON 2016 - It's 10PM Do You Know Where Your Access Keys Are?
 
Core strategies to develop defense in depth in AWS
Core strategies to develop defense in depth in AWSCore strategies to develop defense in depth in AWS
Core strategies to develop defense in depth in AWS
 
Avoiding Friendly Fire in AWS
Avoiding Friendly Fire in AWSAvoiding Friendly Fire in AWS
Avoiding Friendly Fire in AWS
 
AWS re:Invent 2016: 5 Security Automation Improvements You Can Make by Using ...
AWS re:Invent 2016: 5 Security Automation Improvements You Can Make by Using ...AWS re:Invent 2016: 5 Security Automation Improvements You Can Make by Using ...
AWS re:Invent 2016: 5 Security Automation Improvements You Can Make by Using ...
 
SEC309 Secure Your Cloud Investment: Mastering AWS Identity Access Management...
SEC309 Secure Your Cloud Investment: Mastering AWS Identity Access Management...SEC309 Secure Your Cloud Investment: Mastering AWS Identity Access Management...
SEC309 Secure Your Cloud Investment: Mastering AWS Identity Access Management...
 
In the Cloud, nobody can hear you scream: AWS Cloud Security for DevOps
In the Cloud, nobody can hear you scream: AWS Cloud Security for DevOpsIn the Cloud, nobody can hear you scream: AWS Cloud Security for DevOps
In the Cloud, nobody can hear you scream: AWS Cloud Security for DevOps
 
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014
 
Lock That Sh*t Down! Auth Security Patterns for Apps, APIs, and Infra - Devne...
Lock That Sh*t Down! Auth Security Patterns for Apps, APIs, and Infra - Devne...Lock That Sh*t Down! Auth Security Patterns for Apps, APIs, and Infra - Devne...
Lock That Sh*t Down! Auth Security Patterns for Apps, APIs, and Infra - Devne...
 
Bsidesnova- Pentesting Methodology - Making bits less complicated
Bsidesnova- Pentesting Methodology - Making bits less complicatedBsidesnova- Pentesting Methodology - Making bits less complicated
Bsidesnova- Pentesting Methodology - Making bits less complicated
 
Breaking The Cloud Kill Chain
Breaking The Cloud Kill ChainBreaking The Cloud Kill Chain
Breaking The Cloud Kill Chain
 
AWS re:Invent 2016: IoT Security: The New Frontiers (IOT302)
AWS re:Invent 2016: IoT Security: The New Frontiers (IOT302)AWS re:Invent 2016: IoT Security: The New Frontiers (IOT302)
AWS re:Invent 2016: IoT Security: The New Frontiers (IOT302)
 
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Joker...
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Joker...Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Joker...
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Joker...
 
Security Analytics with OpenSearch
Security Analytics with OpenSearchSecurity Analytics with OpenSearch
Security Analytics with OpenSearch
 
Alabama CyberNow 2018: Cloud Hardening and Digital Forensics Readiness
Alabama CyberNow 2018: Cloud Hardening and Digital Forensics ReadinessAlabama CyberNow 2018: Cloud Hardening and Digital Forensics Readiness
Alabama CyberNow 2018: Cloud Hardening and Digital Forensics Readiness
 
Lock That Sh*t Down! Auth Security Patterns for Apps, APIs, and Infra
Lock That Sh*t Down! Auth Security Patterns for Apps, APIs, and InfraLock That Sh*t Down! Auth Security Patterns for Apps, APIs, and Infra
Lock That Sh*t Down! Auth Security Patterns for Apps, APIs, and Infra
 
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...
 
It's 10pm, Do You Know Where Your Access Keys Are?
It's 10pm, Do You Know Where Your Access Keys Are?It's 10pm, Do You Know Where Your Access Keys Are?
It's 10pm, Do You Know Where Your Access Keys Are?
 
AWS Leeds Meetup - How do you manage secure access to AWS in an ever-increasi...
AWS Leeds Meetup - How do you manage secure access to AWS in an ever-increasi...AWS Leeds Meetup - How do you manage secure access to AWS in an ever-increasi...
AWS Leeds Meetup - How do you manage secure access to AWS in an ever-increasi...
 

Plus de SecuRing

Developer in a digital crosshair, 2023 edition - 4Developers
Developer in a digital crosshair, 2023 edition - 4DevelopersDeveloper in a digital crosshair, 2023 edition - 4Developers
Developer in a digital crosshair, 2023 edition - 4DevelopersSecuRing
 
Developer in a digital crosshair, 2022 edition - Oh My H@ck!
Developer in a digital crosshair, 2022 edition - Oh My H@ck!Developer in a digital crosshair, 2022 edition - Oh My H@ck!
Developer in a digital crosshair, 2022 edition - Oh My H@ck!SecuRing
 
Developer in a digital crosshair, 2022 edition - No cON Name
Developer in a digital crosshair, 2022 edition - No cON NameDeveloper in a digital crosshair, 2022 edition - No cON Name
Developer in a digital crosshair, 2022 edition - No cON NameSecuRing
 
Is persistency on serverless even possible?!
Is persistency on serverless even possible?!Is persistency on serverless even possible?!
Is persistency on serverless even possible?!SecuRing
 
What happens on your Mac, stays on Apple’s iCloud?!
What happens on your Mac, stays on Apple’s iCloud?!What happens on your Mac, stays on Apple’s iCloud?!
What happens on your Mac, stays on Apple’s iCloud?!SecuRing
 
0-Day Up Your Sleeve - Attacking macOS Environments
0-Day Up Your Sleeve - Attacking macOS Environments0-Day Up Your Sleeve - Attacking macOS Environments
0-Day Up Your Sleeve - Attacking macOS EnvironmentsSecuRing
 
Developer in a digital crosshair, 2022 edition
Developer in a digital crosshair, 2022 editionDeveloper in a digital crosshair, 2022 edition
Developer in a digital crosshair, 2022 editionSecuRing
 
20+ Ways To Bypass Your Macos Privacy Mechanisms
20+ Ways To Bypass Your Macos Privacy Mechanisms20+ Ways To Bypass Your Macos Privacy Mechanisms
20+ Ways To Bypass Your Macos Privacy MechanismsSecuRing
 
How secure are webinar platforms?
How secure are webinar platforms?How secure are webinar platforms?
How secure are webinar platforms?SecuRing
 
20+ Ways to Bypass Your macOS Privacy Mechanisms
20+ Ways to Bypass Your macOS Privacy Mechanisms20+ Ways to Bypass Your macOS Privacy Mechanisms
20+ Ways to Bypass Your macOS Privacy MechanismsSecuRing
 
Serverless security: attack & defense
Serverless security: attack & defense Serverless security: attack & defense
Serverless security: attack & defenseSecuRing
 
Abusing & Securing XPC in macOS apps
Abusing & Securing XPC in macOS appsAbusing & Securing XPC in macOS apps
Abusing & Securing XPC in macOS appsSecuRing
 
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standardsWebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standardsSecuRing
 
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standardsWebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standardsSecuRing
 
Let's get evil - threat modeling at scale
Let's get evil - threat modeling at scaleLet's get evil - threat modeling at scale
Let's get evil - threat modeling at scaleSecuRing
 
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standardsWeb Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standardsSecuRing
 
Budowanie i hakowanie nowoczesnych aplikacji iOS
Budowanie i hakowanie nowoczesnych aplikacji iOSBudowanie i hakowanie nowoczesnych aplikacji iOS
Budowanie i hakowanie nowoczesnych aplikacji iOSSecuRing
 
We need t go deeper - Testing inception apps.
We need t go deeper - Testing inception apps.We need t go deeper - Testing inception apps.
We need t go deeper - Testing inception apps.SecuRing
 
Building & Hacking Modern iOS Apps
Building & Hacking Modern iOS AppsBuilding & Hacking Modern iOS Apps
Building & Hacking Modern iOS AppsSecuRing
 
Artificial Intelligence – a buzzword, new era of IT or new threats?
Artificial Intelligence – a buzzword, new era of IT or new threats?Artificial Intelligence – a buzzword, new era of IT or new threats?
Artificial Intelligence – a buzzword, new era of IT or new threats?SecuRing
 

Plus de SecuRing (20)

Developer in a digital crosshair, 2023 edition - 4Developers
Developer in a digital crosshair, 2023 edition - 4DevelopersDeveloper in a digital crosshair, 2023 edition - 4Developers
Developer in a digital crosshair, 2023 edition - 4Developers
 
Developer in a digital crosshair, 2022 edition - Oh My H@ck!
Developer in a digital crosshair, 2022 edition - Oh My H@ck!Developer in a digital crosshair, 2022 edition - Oh My H@ck!
Developer in a digital crosshair, 2022 edition - Oh My H@ck!
 
Developer in a digital crosshair, 2022 edition - No cON Name
Developer in a digital crosshair, 2022 edition - No cON NameDeveloper in a digital crosshair, 2022 edition - No cON Name
Developer in a digital crosshair, 2022 edition - No cON Name
 
Is persistency on serverless even possible?!
Is persistency on serverless even possible?!Is persistency on serverless even possible?!
Is persistency on serverless even possible?!
 
What happens on your Mac, stays on Apple’s iCloud?!
What happens on your Mac, stays on Apple’s iCloud?!What happens on your Mac, stays on Apple’s iCloud?!
What happens on your Mac, stays on Apple’s iCloud?!
 
0-Day Up Your Sleeve - Attacking macOS Environments
0-Day Up Your Sleeve - Attacking macOS Environments0-Day Up Your Sleeve - Attacking macOS Environments
0-Day Up Your Sleeve - Attacking macOS Environments
 
Developer in a digital crosshair, 2022 edition
Developer in a digital crosshair, 2022 editionDeveloper in a digital crosshair, 2022 edition
Developer in a digital crosshair, 2022 edition
 
20+ Ways To Bypass Your Macos Privacy Mechanisms
20+ Ways To Bypass Your Macos Privacy Mechanisms20+ Ways To Bypass Your Macos Privacy Mechanisms
20+ Ways To Bypass Your Macos Privacy Mechanisms
 
How secure are webinar platforms?
How secure are webinar platforms?How secure are webinar platforms?
How secure are webinar platforms?
 
20+ Ways to Bypass Your macOS Privacy Mechanisms
20+ Ways to Bypass Your macOS Privacy Mechanisms20+ Ways to Bypass Your macOS Privacy Mechanisms
20+ Ways to Bypass Your macOS Privacy Mechanisms
 
Serverless security: attack & defense
Serverless security: attack & defense Serverless security: attack & defense
Serverless security: attack & defense
 
Abusing & Securing XPC in macOS apps
Abusing & Securing XPC in macOS appsAbusing & Securing XPC in macOS apps
Abusing & Securing XPC in macOS apps
 
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standardsWebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
 
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standardsWebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
 
Let's get evil - threat modeling at scale
Let's get evil - threat modeling at scaleLet's get evil - threat modeling at scale
Let's get evil - threat modeling at scale
 
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standardsWeb Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
 
Budowanie i hakowanie nowoczesnych aplikacji iOS
Budowanie i hakowanie nowoczesnych aplikacji iOSBudowanie i hakowanie nowoczesnych aplikacji iOS
Budowanie i hakowanie nowoczesnych aplikacji iOS
 
We need t go deeper - Testing inception apps.
We need t go deeper - Testing inception apps.We need t go deeper - Testing inception apps.
We need t go deeper - Testing inception apps.
 
Building & Hacking Modern iOS Apps
Building & Hacking Modern iOS AppsBuilding & Hacking Modern iOS Apps
Building & Hacking Modern iOS Apps
 
Artificial Intelligence – a buzzword, new era of IT or new threats?
Artificial Intelligence – a buzzword, new era of IT or new threats?Artificial Intelligence – a buzzword, new era of IT or new threats?
Artificial Intelligence – a buzzword, new era of IT or new threats?
 

Dernier

Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - InfographicHr365.us smith
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataBradBedford3
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptkotipi9215
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...stazi3110
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfkalichargn70th171
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio, Inc.
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyFrank van der Linden
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...aditisharan08
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 

Dernier (20)

Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.ppt
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The Ugly
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the ProcessExploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 

Attacking AWS: the full cyber kill chain