This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Here’s the schedule for this year. Registering here does not count. You MUST register to attend any of these. You may register here: https://www.bsidesslc.org/registration.html

You cannot manually add workshops to your schedule. You need to go register for them at https://www.bsidesslc.org/signup.html, and then the workshp will be added to your schedule.
View analytic
Thursday, March 9 • 11:00am - 12:00pm
Pwned Cloud Society: Exploiting and Expanding Access within Azure & AWS
Feedback form is now closed.
With more companies rapidly leveraging cloud providers for services, how do we more effectively exploit and expand access within these cloud-based environments?
 This session will help you hit the ground running with your next security assessment by demonstrating common weakness and misconfigurations I have seen in real world AWS and Azure implementations. This includes leveraging undocumented features to expand access, pivoting from the compute layer to cloud management interfaces, and manipulating logging to cover your tracks.
 Never fear, I will also show you some of the latest techniques on how organizations can better secure information systems within Azure & AWS by leveraging both standard cloud hardening techniques as well as implementing some unique and unconventional detection techniques.
 Cloud: it's a privilege, not a right.


Bryce Kunz

Bryce Kunz (@TweekFawkes) is an Senior Threat Specialist located within the Silicon Slopes who oversees active red team operations while researching unique access vectors primarily for cloud-based technologies (e.g. serverless compute, orchestration systems, etc...)

Thursday March 9, 2017 11:00am - 12:00pm
Track 2 Salt Palace Convention Center

Twitter Feed