Unmasking Data Leaks: A Guide to Finding, Fixing, and Prevention

BSides SATX 2019

Presented by: Jordan Wright
Date: Saturday June 08, 2019
Time: 10:00 - 10:50
Location: UC Conference Room A
Track: In the Weeds

As organizations shift to cloud-storage platforms such as Elasticsearch and MongoDB to store data, we've also seen a rise in massive data leaks as a result of these databases being mistakenly misconfigured and exposed publicly. If you've ever wondered how researchers discover and report these databases, this talk is for you! In this talk, we'll live-code a system that searches data sources like Shodan to discover public databases, triage them, and report them to their owners. Finally we'll talk about how to set up and configure these databases to prevent data leaks and protect your organization.

Jordan Wright

Jordan Wright is a lead research engineer on the Duo Labs team at Duo Security. He has experience on both the offensive and defensive side of infosec, and enjoys contributing to open-source software as well as performing security research.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats