all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

From ‘huh ’ to privilege escalation finding vulnerabilities from a bug in the AWS... - Ben Bridts

Add to bookmarks
July 13, 2023, 8:53 p.m. | fwd:cloudsec

fwd:cloudsec www.youtube.com

Abstract: Security research is not something that’s only done by dedicated teams and companies. Sometimes it will be a developer or platform engineer that makes the jump from “that’s not how I expect it to work” to “that’s not how it’s supposed to work”.

In this talk we’ll walk through the process we took when we found strange behaviour in the AWS console, tried to debug what’s going wrong and ended up finding an API that didn’t check iam:PassRole correctly. …

aws ben bug companies developer engineer escalation expect platform privilege privilege escalation research security security research teams vulnerabilities work

Visit resource

More from www.youtube.com / fwd:cloudsec

How Citi Advanced Their Containment Capabilities Through Automation - Damien Burks, Elvis Veliz 9 months, 1 week ago | www.youtube.com
advanced automation automation and orchestration aws +19
Google Cloud Threat Detection: A Study in Google Cloud - Day Johnson 9 months, 1 week ago | www.youtube.com
cloud detection finger google +7
Vulnerabilities and Misconfigurations in GitHub Actions - Rojan Rijal 9 months, 1 week ago | www.youtube.com
actions attack attack vectors cd pipeline +11
It's Just a Name, Right - Nathan Eades 9 months, 1 week ago | www.youtube.com
access attack aws cloud +17
AWS Presigned URLs The Good, The Bad, and The Ugly - Jarom Brown 9 months, 1 week ago | www.youtube.com
access actions attack attackers +13
Success Criteria for your CSPM - David White 9 months, 1 week ago | www.youtube.com
check claim cspm environment +6
Beyond the AWS Security Maturity Roadmap - Rami McCarthy 9 months, 1 week ago | www.youtube.com
aws beyond build cloud +11
Welcome - Aaron Zollman 9 months, 1 week ago | www.youtube.com
aaron conference expect
fwd:cloudsec State of the Union - Scott Piper 9 months, 2 weeks ago | www.youtube.com
cloud cloud security conference drive +9

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cloud Security Engineer

@ Gainwell Technologies | Any city, OR, US, 99999
View on infosec-jobs.com

Federal Workday Security Lead

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com

Workplace Consultant

@ Solvinity | Den Bosch, Noord-Brabant, Nederland
View on infosec-jobs.com

SrMgr-Global Information Security - Security Risk Management

@ Marriott International | Bethesda, MD, United States
View on infosec-jobs.com

Sr. Security Engineer - Data Loss Prevention

@ Verisk | Jersey City, NJ, United States
View on infosec-jobs.com
View more jobs