Advanced Techniques for Defending AWS ExternalIDs and Cross-Account AssumeRole Access Last month Kesten Broughton at Praetorian Security released some great research on third party cloud security products using Amazon’s preferred cross-account connection technique -
AWS Security Management with SecurityHub Security has been a top concern with cloud adoption since its inception and as a result, security has been a top concern of cloud vendors as well. To help customers
Easy Does It — Understanding Object Storage Public Data Exposure One thing I’d like to avoid in narrating this journey through common Cloud Attack Killchains is the implication that cloud platform providers are doing
The 4 Biggest Barriers to Cloud Adoption The cloud has fundamentally changed how enterprises structure their IT infrastructure and architecture. We’ve seen analyst reports positing that roughly 90% of enterprises are utilizing the cloud in some form or fashion
SSRF Defense Step 3: Eliminate Excessive IAM Data Access Permissions The final guardrail in our SSRF Defense series is all about eliminating IAM policies with excessive data access permissions. For anyone new to this series, these solutions are based on Rich Mogull's
SSRF Defense Step 2: Manage IAM Role Location Restrictions The second guardrail in our SSRF Defense series is all about managing IAM role location restrictions. For anyone new to this series, these solutions are based around Rich Mogull’s post
SSRF Defense Step 1: Protect Data Storage Targets In previous posts Rich Mogull discussed using IAM Roles to break the attacker kill chain in AWS. We are excited to announce that DisruptOps now supports guardrails to automatically ensure you’re not
Yes, Finding Public S3 Buckets Is Automated and Easy Attackers are automating the discovery of public AWS S3 buckets. Are you automating your security defense? We found a list of over 60,000 public S3 buckets. Verdict (a UK-based tech journal)
AWS RDP Scanning I came across a great post from Joseph Wood at HP last week, on the recent dramatic increase in RDP scanning in AWS -- specifically scanning of the RDP port. Down in the comments someone asked, “Why anyone