Cloud Security Lab a Week (S.L.A.W)
One cloudsec lab. 15-30 minutes. Every week.
You want free training? We got free training!
Last week we learned how to misconfigure S3 ACLs. This week we learn how to misconfigure bucket policies. It's important to see why we don't run with scissors.
Before we learn all the cool ways to prevent data leaks, we're going to... leak some data so you know how these messes keep happening.
We've covered a ridiculous amount in this block, so let's pull it together and see why it all matters.
Learn how to create an EBS volume from a snapshot and attach it to a forensics analysis (sorta) server.
Today we'll learn about snapshots with a real-world security scenario that combines snapshots, cross-account sharing, and a Crime Scene Investigation.
The user-data field isn't only for passing in secrets — it can tell an instance to run commands. Today we'll learn how attackers abuse it.
The user-data field is a powerful tool for automation, but can be a major source of risk.
Today we learn how IAM roles work with instances, and how an older (and widely used) essential mechanism can be easily exploited.
Remember how I said to never use IAM users, or give them access keys? Today you'll learn why, as you hack one of my accounts (sorta).
Time to see our hard work in action, as we deliberately expose an instance to see what happens.
We learn a cool way to log activity into S3 using Session Manager.
We've been using Session Manager in our labs. Today we'll level up with logging and command line access.