Put a Lid on Those AWS S3 Buckets | Lily Lee and Melisa Napoles

Channel:
United States SANS Institute
Subscribers:
64,200
Published on ● Video Link: https://www.youtube.com/watch?v=9me6nUFXkTw


Duration: 32:31
353 views
7

Lily Lee, Staff Security Strategist, Splunk
Melisa Napoles, Security Engineer, Splunk
#SANSCloudSummit 2020

In previous sessions, the presenters have talked about the Amazon Web Services (AWS) shared responsibility model and some great places to start collecting data for continuous security monitoring in a cloud world. They’ve even discussed how to make use of these data to detect evil. For this presentation they’re back with a real-life issue: misconfigured AWS S3 buckets leading to a security breach. They’ll walk through an attack scenario that demonstrates how an attacker can exploit a misconfiguration and plant cryptomining code that exploits a system’s resources. Attend this talk to learn methods to identify and detect these types of incidents as you fulfill your end of the shared responsibility model.

SANS Summit schedule: http://www.sans.org/u/DuS



Other Videos By SANS Institute


2020-10-20You Are the Prize: How to Hire the Right Boss and Employer for a More Fulfilling Career | InfoSteph
2020-10-16Human Aspects of Ransomware
2020-10-14Using COVID-19 to Exploit Fear, Uncertainty, and Doubt (FUD)
2020-10-01PowerShell 2020: State of the Art / Hack / Infection - SANS@Mic Keynote Network Security
2020-09-29Threat Hunting in the Microsoft Cloud: Times They Are a-Changin' | John Stoner
2020-09-28Securing Cloud Deployments: A Red Team Perspective | Matt Burrough
2020-09-25The Value of Commercial Threat Intelligence Sources | STAR Webcast
2020-09-25Lessons Learned from Cloud Security Incidents, Past and Present | Dave Shackleford
2020-09-24Doing Cloud in China | Kenneth G. Hartman
2020-09-23SANS Live Online Testimonial Compilation
2020-09-23Put a Lid on Those AWS S3 Buckets | Lily Lee and Melisa Napoles
2020-09-22Building a Pipeline for Secure Virtual Machines in AWS | Shaun McCullough
2020-09-15What’s New in SEC401: Security Essentials Bootcamp Style
2020-09-14Intro to Web Applications: What the Heck is a Web App? - SANS Cyber Camp
2020-09-14Cyber Security Awareness for Online Safety - SANS Cyber Camp
2020-09-14Cyber Camp Panel - SANS Cyber Camp
2020-09-14Introduction to Network Analysis Workshop - SANS Cyber Camp
2020-09-14Be Smarter Than the Smartphone Workshop - SANS Cyber Camp
2020-09-14Introduction to SANS Cyber Camp
2020-09-14The Hidden Information in Photos - SANS Cyber Camp
2020-09-14A Teenagers Perspective on Helping Your Parents Help You - SANS Cyber Camp


Tags:
sans institute
information security
cyber security
cybersecurity
information security training
cybersecurity training
cyber security training