all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Diving Deeply into IAM Policy Evaluation – Highlights from AWS re:Inforce IAM433

Add to bookmarks
c
Nov. 18, 2022, 6:42 p.m. |

Cloud Security Alliance cloudsecurityalliance.org

Originally published by Ermetic.
Written by Noam Dahan, Ermetic.
IAM433 has a good explanation of how and why permissions boundaries can be circumvented by resource policies. There’s a repeat tomorrow but it’s not recorded (chalk talk). This presentation should be made public and linked from the docs! #reInforce #awsreinforce #awswishlist— Ben Kehoe (@ben11kehoe) July 26, 2022At this year's AWS re:Inforce, session IAM433, AWS Sr. Solutions Architect Matt Luttrell and AWS Sr. Software Engi...

aws aws re:inforce iam policy re:inforce

Visit resource

More from cloudsecurityalliance.org / Cloud Security Alliance

Cl
Priorities Beyond Email: How SOC Analysts Spend Their Time 4 days, 4 hours ago | cloudsecurityalliance.org
abnormal abnormal security analysts beyond +25
Cl
Ignoring the Change Healthcare Attack Invites a Cycle of Disaster 4 days, 4 hours ago | cloudsecurityalliance.org
adversaries alphv attack authorization +22
Cl
It’s Time to Throw Away the Manual with Evidence Collection 4 days, 18 hours ago | cloudsecurityalliance.org
can changing collection compliance +16
Cl
The Risk and Impact of Unauthorized Access to Enterprise Environments 4 days, 18 hours ago | cloudsecurityalliance.org
access advanced api api security +28
Cl
Automated Cloud Remediation – Empty Hype, Viable Strategy, or Something in Between? 4 days, 18 hours ago | cloudsecurityalliance.org
amp automated automation cloud +15
Cl
Cloud Security Alliance and SAFECode Release Sixth and Final White Paper in Its Six Pillars … 1 week ago | cloudsecurityalliance.org
alliance best practices certifications clear +19
Cl
Exploring Syscall Evasion – Linux Shell Built-ins 1 week ago | cloudsecurityalliance.org
article can detection evasion +13
Cl
Apple's New iMessage, Signal, and Post-Quantum Cryptography 1 week ago | cloudsecurityalliance.org
apple application attack computers +25
Cl
2024 State of SaaS Security Report Shows A Gap Between Security Team Confidence And Complexity … 1 week ago | cloudsecurityalliance.org
applications complexity data enterprise +18

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Incident Response Lead(IR)

@ Blue Yonder | Hyderabad
View on infosec-jobs.com

Comcast Cybersecurity: Privacy Operations Executive Director

@ Comcast | PA - Philadelphia, 1701 John F Kennedy Blvd
View on infosec-jobs.com