Workshop: Deep Dive into Cloud Security

Speaker 1

Abstract

Cloud services are the new favorite of attackers. AWS holds a large part of these cloud services. The speakers are going to conduct a hands-on workshop on techniques to conduct security assessments on the AWS environment.


  • Key learning objectives
    • Enumerating AWS running services
    • Testing S3 bucket configuration and permission flaws
    • EC2 instance and application exploitation
    • Pentesting Lambda functions
  • Utilities/Software Requirements
    • Python
    • AWS CLI (https://aws.amazon.com/cli/)
    • PACU (https://github.com/RhinoSecurityLabs/pacu)
    • Scout suite (https://github.com/nccgroup/ScoutSuite)
    • s3 scanner (https://github.com/sa7mon/S3Scanner)
  • System Requirements
    • Linux OS
  • Hardware Requirements
    • Laptop (Min. 8GB RAM)

Mr. Virendra Rathore is Security Analyst at Net Square. He has done BBA from Govt. Bangur P. G. College. He has worked on various projects of vulnerability assessment and penetration. Previously he has served as a Cyber Security Analyst at Pristine InfoSolutions.