all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

A Hole in the Bucket: The Risk of Public Access toCloud Native Storage

Add to bookmarks
Dec. 15, 2023, 10:35 p.m. | SANS Offensive Operations

SANS Offensive Operations www.youtube.com

In this session, we’ll explore how allowing public access to AWS S3 Buckets, Azure Blobs and similar cloud storage services can risk exposing sensitive files in the cloud. Misconfigurations and legacy defaults are often to blame for this and can go unnoticed for years. A common way of dealing with this issue is indexing publicly accessible buckets and blobs. However, there are “holes in the bucket” that emerge from using this technique, as not all files are easily searched. Using …

access aws aws s3 azure azure blobs blobs cloud cloud storage exposing files legacy misconfigurations public risk s3 buckets sensitive services session storage

Visit resource

More from www.youtube.com / SANS Offensive Operations

Mastering Adversary Emulation with Caldera: A Practical Guide 1 month, 2 weeks ago | www.youtube.com
adversary adversary emulation application bolster +16
The Second Rule of Hacking: There Are No Rules 1 month, 2 weeks ago | www.youtube.com
attacks block businesses cat +13
From Pentest to Red Team: Overview of The Necessary Skills and Breakdown of Frameworks 1 month, 2 weeks ago | www.youtube.com
dave frameworks guide informative +10
OT Pen-testing: How Not to Sink an Oil Rig 1 month, 2 weeks ago | www.youtube.com
adversary adversary emulation application bolster +19
Fortifying Resilience: An In-Depth Exploration of the Overall Product Security Assessment Poster 1 month, 2 weeks ago | www.youtube.com
assessment attacks author course +16
SANS Pen Test 2024: A Sneak Peek Into All That's in Store! 1 month, 4 weeks ago | www.youtube.com
austin cybersecurity cybersecurity innovation cybersecurity training +20
SANS Pen Test 2024: A Sneak Peek Into All That's in Store! 2 months ago | www.youtube.com
austin cybersecurity cybersecurity innovation cybersecurity training +20
Learn About SEC565: Red Team Operations and Adversary Emulation 2 months, 4 weeks ago | www.youtube.com
adversary adversary emulation course emulation +21
A Compendium of Exploits and Bypasses for eBPF-based Cloud Security 4 months, 1 week ago | www.youtube.com
basic cloud cloud security ebpf +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Officer Hospital Laguna Beach

@ Allied Universal | Laguna Beach, CA, United States
View on infosec-jobs.com

Sr. Cloud DevSecOps Engineer

@ Oracle | NOIDA, UTTAR PRADESH, India
View on infosec-jobs.com

Cloud Operations Security Engineer

@ Elekta | Crawley - Cornerstone
View on infosec-jobs.com

Cybersecurity – Senior Information System Security Manager (ISSM)

@ Boeing | USA - Seal Beach, CA
View on infosec-jobs.com

Engineering -- Tech Risk -- Security Architecture -- VP -- Dallas

@ Goldman Sachs | Dallas, Texas, United States
View on infosec-jobs.com
View more jobs