A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Building Castles in the Cloud: AWS Security and Self-Assessment - Rami McCarthy BSidesCT 2019 (Hacking Illustrated Series InfoSec Tutorial Videos)

Building Castles in the Cloud: AWS Security and Self-Assessment
Rami McCarthy
BSidesCT 2019

As comfort and familiarity with cloud computing is now more mainstream companies are leaning more and more on cloud resources to host and run even their most-sensitive technical assets. With these new technologies/innovations come new (and old!) security concerns. As a consultant I?ve had experience breaking into a AWS environments with varying sophistication of security posture and then helping those clients patch holes and harden their environments. This talk with lean on those experiences to provide you with a guide on securing your AWS enviornment and then validating that security. We?ll start by walking through AWS?s Shared Responsibility Model. Then we?ll identify the features of AWS that are most important for security and give tips on best practices and easy wins. After establishing these security standards we?ll take a quick look at a few (free) tools for auditing AWS configurations including NCC Group?s own open-source ScoutSuite. You?ll leave this talk with concrete next steps for improving your own cloud security posture

Back to BSidesCT 2019 video list

Printable version of this article

15 most recent posts on Irongeek.com:


    If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

    Copyright 2019, IronGeek
    Louisville / Kentuckiana Information Security Enthusiast