Skip to main content
back to agenda
on this page

Exploitation and automated detection of threats to modern cloud infrastructure

  • 17:00
  • Wed
  • 15 Nov
Briefing Stage 3


Modern cloud platforms, such as AWS, GCP and Azure have radically changed the way business develop and deploy applications. These platforms offer highly capable managed services, including compute, storage, key management, containers, and so on. Complex systems often suffer from security problems. While the Cloud Service Provider (is responsible for securing the hardware and low-level services, the customer is responsible for securely developing, configuring and deploying their own applications. This is referred to as the shared responsibility model.

Cloud security is notoriously hard. Maintaining a once-secured cloud is even harder due to the rapidly changing landscape in most cloud deployments. Cloud-related vulnerabilities have increased by a whopping 540% in the last six years. Developers are trained to develop and deploy fast. Security is NOT their job. Security and regulatory compliances require a strong cloud security posture, and any violation can attract heavy penalties. As this becomes a increasingly worsening problem, business continue to increase investments in cloud security.

In this presentation, we will talk about practical exploitation of vulnerabilities in cloud services and resources. This presentation will NOT cover application security topic – an area that gets all the attention, while cloud security often takes a backseat. We will show how scarily easy it is to attack misconfigured services such as AWS Security Groups, databases, S3 buckets and Network ACLs. After our demonstration of the exploits, we’ll discuss techniques for automated scanning of various AWS services and resources. We conclude with a discussion on present-day cloud security compliance and regulatory standards.