all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

API Friction Complicates Hunting for Cloud Vulnerabilities. SQL Makes it Simple.

Add to bookmarks
July 6, 2022, 6:44 p.m. | /u/judell

cybersecurity www.reddit.com

*Pen testers, compliance auditors, and other DevSecOps pros spend a lot of time writing scripts to query cloud infrastructure.* [*Boto3*](https://aws.amazon.com/sdk-for-python/)*, the AWS SDK for Python, is a popular way to query AWS APIs and reason over the data they return.*

*It gets the job done, but things get complicated when you need to query across many AWS accounts and  regions. And that doesn't begin to cover API access to other major clouds (Azure, GCP, Oracle Cloud), never mind services such …

api cloud cloud vulnerabilities cybersecurity hunting simple sql vulnerabilities

Visit resource

More from www.reddit.com / cybersecurity

Should I be learning Cybersecurity on my primary machine? 6 hours ago | www.reddit.com
accounting auditor cybersecurity free +7
QSA Says we Can't Provide Public WiFi 7 hours ago | www.reddit.com
campus can cybersecurity event +13
Chinese Government Poses 'Bold and Unrelenting' Threat to U.S. Critical Infrastructure, FBI Director Says | … 8 hours ago | www.reddit.com
bureau chinese chinese government critical +10
What is best practice to prevent man in the middle compromising emails? 10 hours ago | www.reddit.com
attack best practice caught cybersecurity +13
High School English Teacher to Cybersecurity Engineer - A How-to Guide 10 hours ago | www.reddit.com
cybersecurity engineer guide high +16
Just me, or is every vendor's website awful. WHAT DO YOU ACTUALLY DO? 12 hours ago | www.reddit.com
article customers cybersecurity edr +17
We have Crowdstrike for our EDR. Can we use it as our primary SIEM? 12 hours ago | www.reddit.com
can cons cost crowdstrike +13
Web API Security Champion: Broken Object Level Authorization (OWASP TOP 10) 12 hours ago | www.reddit.com
api api security authorization broken object level authorization +9
Cisco Warns of Large-Scale Brute-Force Attacks on VPNs 14 hours ago | www.reddit.com
article attacks brute brute-force +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Cloud Security Engineer

@ Pacific Gas and Electric Company | Oakland, CA, US, 94612
View on infosec-jobs.com

Penetration Tester (Level 2)

@ Verve Group | Pune, Mahārāshtra, India
View on infosec-jobs.com

Senior Security Operations Engineer (Azure)

@ Jamf | US Remote
View on infosec-jobs.com

(Junior) Cyber Security Consultant IAM (m/w/d)

@ Atos | Berlin, DE, D-13353
View on infosec-jobs.com
View more jobs