Matt Dean2019-10-15T21:14:54-05:00September 25th, 2019|
SSRF Defense Step 1: Protect Data Storage Targets In previous posts Rich Mogull discussed using IAM Roles to break the attacker kill chain in AWS. We are excited to announce that DisruptOps now supports guardrails
Matt Dean2019-09-10T15:16:50-05:00September 9th, 2019|
Yes, Finding Public S3 Buckets Is Automated and Easy Attackers are automating the discovery of public AWS S3 buckets. Are you automating your security defense? We found a list of over 60,000 public S3 buckets.
If you see me speaking about cloud it’s pretty much guaranteed I’ll eventually say “Cloud security starts with architecture and ends with automation.” I’m nothing if not repetitive. This isn’t a quip, it’s based on working heavily in cloud for
I just got back from the Boston DevOps Days. I really enjoy hanging around DevOps and cloud people. The energy of these conferences is great, and they are genuinely excited about transforming how their organizations build and deploy applications. Many
Continuing from "What Security Managers Need to Know About Amazon S3 Exposures (1/2)"... In our first post we discussed how the exposure of S3 data becomes such an issue, and some details on how buckets become public in the first
The accidental (or deliberate) exposure of sensitive data on Amazon S3 is one of those deceptively complex issues. On the surface it seems entirely simple to avoid, yet despite wide awareness we see a constant stream of public exposures and
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.