Feb. 5, 2024, 6:27 p.m. | Black Hat

Black Hat www.youtube.com

...In this talk I will explore the attack surface of the AWS API, and share multiple vulnerabilities I discovered that allowed me to bypass CloudTrail logging for different AWS services. These vulnerabilities have now been fixed by AWS....

By: Nick Frichette

Full Abstract and Presentation Materials: https://www.blackhat.com/us-23/briefings/schedule/#evading-logging-in-the-cloud-bypassing-aws-cloudtrail-32741

api attack attack surface aws aws cloudtrail bypass bypassing cloud cloudtrail logging logging in nick services share vulnerabilities

Product Management Director - Application Security

@ Salesforce | India - Hyderabad

Security Leader - Ambulatory Monitoring & Diagnostics

@ Philips | Malvern - B1

Senior Security Analyst

@ NVIDIA | US, CA, Santa Clara

Cyber Risk & Reg - Control Testing Manager - BLR

@ PwC | Kolkata (AC) - Bengaluru Quay - Bagmane Tech Park (KSDC)

Security Engineer

@ Salesforce | California - San Francisco

Senior Security Engineer

@ Remitly | Tel Aviv, Israel