Hands-On Workshop: Destroying Long-Lived Cloud Credentials with Workload Identity Federation | allinfosecnews.com

Oct. 16, 2023, 1:40 p.m. | SANS Cloud Security

SANS Cloud Security www.youtube.com

Attackers have been breaching the cloud for years by stealing long-lived credentials. To combat these attacks, cloud providers have been building improved authentication workflows for external identity providers. This workshop explores Workload Identity Federation and how you can replace long-lived cloud credentials with short-lived tokens signed by an OpenID Connect identity provider. Join Eric Johnson, author of the open-source Nymeria project, to get hands-on experience with the Workload Identity Federation capabilities in GitHub Actions, Azure, AWS, and Google Cloud.

The …

attackers attacks authentication cloud connect credentials external federation identity identity federation identity providers openid openid connect stealing tokens workflows workload workshop

More from www.youtube.com / SANS Cloud Security

JWTs The Good, the Bad, and the Ugly Security Edition 1 month ago | www.youtube.com

bad benefits can good +11

Secure Service Configuration Poster Resource Demo 1 month, 2 weeks ago | www.youtube.com

amazon amazon web services assets aws +28

Multicloud Command Line Cheat Sheet Resource Demo 2 months ago | www.youtube.com

amazon amazon web services aws cheat +23

Cloud Flight Simulator Part 4: Least Privileged Pods with Kubernetes Workloads 2 months, 1 week ago | www.youtube.com

author can cloud cloud security +16

Webcast Cloud Flight Simulator Part 3 Safeguarding the Software Supply Chain 2 months, 2 weeks ago | www.youtube.com

amp authors automation ben +22

Cloud Flight Simulator Part 2: Protecting Kubernetes Clusters with Admission 2 months, 3 weeks ago | www.youtube.com

amp authors automation ben +21

Cloud Flight Simulator Part 1: GitLab CI, Workflows, and Secrets 3 months ago | www.youtube.com

amp authors automation ben +20

2024 Cloud Security Trends and Predictions 3 months, 2 weeks ago | www.youtube.com

and predictions certified cloud cloud security +12

Nate Lee: Building a GenAI Security App for Fun (and No Profit) | Season 2, … 4 months, 2 weeks ago | www.youtube.com

ace app bot building +15

Security Analyst

@ Northwestern Memorial Healthcare | Chicago, IL, United States

View on infosec-jobs.com

GRC Analyst

@ Richemont | Shelton, CT, US

View on infosec-jobs.com

Security Specialist

@ Peraton | Government Site, MD, United States

View on infosec-jobs.com

Information Assurance Security Specialist (IASS)

@ OBXtek Inc. | United States

View on infosec-jobs.com

Cyber Security Technology Analyst

@ Airbus | Bengaluru (Airbus)

View on infosec-jobs.com

Vice President, Cyber Operations Engineer

@ BlackRock | LO9-London - Drapers Gardens

View on infosec-jobs.com