Attack & Defense in AWS Environments

AWS is the most widely used cloud environments today and almost every security professional has to encounter this environment whether you are attacking an organization or defending it. In this fast-paced workshop, we will teach participants with some neat tools, techniques, and procedures to attack the most widely used AWS services as well as to defend them. Below is the broad agenda for the workshop:- Recon / Information Gathering on AWS Services- Attacking S3 buckets- Exploiting web application flaws to compromise AWS services (IAM/KMS)- Attacking Serverless applications- Disrupting AWS Logging- Attacking Misconfigured Cloud SDN Class Duration: 4 hours Takeaways:Students will be able to understand and appreciate the delta in attack surface which gets added due to moving to the cloud. And subsequently, design architecture and develop applications to defend them. What will participants be provided?- PDF copy of slide deck- Lab VM- Workshop lab manual- Bonus labs access for 15 days Target Audience:- Cloud Security Engineers- DevOps engineers- Security Analyst- Penetration Testers- Anyone else who is interested in Cloud Security Prerequisites for students:- Need to have AWS account (Free-tier)- Basic understanding of AWS Materials or Equipment students will need to bring to participate:- Machine with at least 8 GB RAM and 20 GB free HD space- VirtualBox [VMs will be provided]

Presented by