SmogCloud: Expose Yourself Without Insecurity - Cloud Breach Patterns

Presented at Black Hat 2020, this presentation looks at the most pragmatic ways to continuously analyze your AWS environments and operationalize that information to answer vital security questions. Demonstrations include integration between IAM Access Analyzer, Tiros Reachability API, and Bishop Fox CAST Cloud Connectors, along with a new open source tool SmogCloud to find continuously changing AWS internet-facing services.

Do you know what is internet-accessible in your AWS environments? The answer, and the methodology by which you arrive at it, may be the difference between missing critical exposures and complete situational awareness. Dynamic and ephemeral exposures are being created at an unprecedented rate, and the old generation of tools, techniques, and internet scanners can't find them. Let us show you how to find them and what it means for the future of unwanted exposures. A comprehensive asset inventory is step one of any capable security program. What does having an accurate inventory mean to an AWS administrator and to an ongoing security engineering effort?

Our approach involves leveraging AWS security services and metadata to translate the raw configuration into patterns of targetable services that a security team can utilize for further analysis.

In this presentation we will look at the most pragmatic ways to continuously analyze your AWS environments and operationalize that information to answer vital security questions. Demonstrations include integration between IAM Access Analyzer, Tiros Reachability API, and Bishop Fox Cosmos (previously CAST) Cloud Connectors, along with a new open source tool SmogCloud to find continuously changing AWS internet-facing services.

Key Takeaways:

  • Learn how to continuously maintain an inventory of AWS services and understand their internet exposures
  • Discover how to leverage automation from AWS Access Analyzer and a freely available open source tool from Bishop Fox to operationalize exposure testing
  • See practical demonstrations of how engineering and security teams can determine the impact of their security group configurations
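The approach described above translates raw AWS configuration into exposure patterns: a service is internet-facing only when a network interface has a public address AND an attached security group admits traffic from anywhere. The following is an added illustration (not SmogCloud's or Bishop Fox's code); the records mirror the shape of the EC2 DescribeNetworkInterfaces and DescribeSecurityGroups responses, but the values are constructed sample data rather than output fetched from an account.

```python
"""Derive internet-facing (public_ip, protocol, from_port, to_port) exposures
from EC2 metadata. Added example, not SmogCloud's code; in a real run the two
inputs would come from boto3 ec2.describe_network_interfaces() and
ec2.describe_security_groups(), here they are constructed inline."""
from ipaddress import ip_network

# Constructed sample: one ENI with a public IP, one private-only ENI.
INTERFACES = [
    {"NetworkInterfaceId": "eni-aaaa1111",
     "Association": {"PublicIp": "198.51.100.10"},
     "Groups": [{"GroupId": "sg-web"}, {"GroupId": "sg-admin"}, {"GroupId": "sg-legacy"}]},
    {"NetworkInterfaceId": "eni-bbbb2222",
     "Groups": [{"GroupId": "sg-db"}]},
]
# Constructed sample: group id -> ingress rules (IpPermissions).
SECURITY_GROUPS = {
    "sg-web": [{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
                "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
    "sg-admin": [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
                  "IpRanges": [{"CidrIp": "203.0.113.0/24"}]}],   # restricted source
    "sg-legacy": [{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],  # all traffic
    "sg-db": [{"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
               "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],           # open, but ENI has no public IP
}

def _world_open(rule):
    """True if any IPv4 source range of the rule is the whole internet (/0)."""
    return any(ip_network(r["CidrIp"]).prefixlen == 0 for r in rule.get("IpRanges", []))

def exposures(interfaces, groups):
    """Return sorted exposure tuples: public address plus a world-open ingress rule."""
    found = set()
    for eni in interfaces:
        public_ip = eni.get("Association", {}).get("PublicIp")
        if not public_ip:
            continue  # an open security group alone does not expose a private-only ENI
        for g in eni["Groups"]:
            for rule in groups.get(g["GroupId"], []):
                if not _world_open(rule):
                    continue
                # IpProtocol "-1" means all protocols and carries no port fields.
                proto = "all" if rule["IpProtocol"] == "-1" else rule["IpProtocol"]
                found.add((public_ip, proto, rule.get("FromPort", 0), rule.get("ToPort", 65535)))
    return sorted(found)

def new_exposures(previous, current):
    """Exposures present in this snapshot but absent from the last one (continuous monitoring)."""
    return sorted(set(current) - set(previous))

if __name__ == "__main__":
    for item in exposures(INTERFACES, SECURITY_GROUPS):
        print("exposed:", item)
```

Running the snapshot repeatedly and feeding consecutive results to new_exposures surfaces the ephemeral exposures that a one-off scan misses.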

Rob Ragan

About the author, Rob Ragan

Principal Researcher

Rob Ragan is a Principal Researcher at Bishop Fox. Rob focuses on pragmatic solutions for clients and technology. He oversees strategy for continuous security automation. Rob has presented at Black Hat, DEF CON, and RSA. He is also a contributing author to Hacking Exposed Web Applications 3rd Edition. His writing has appeared in Dark Reading and he has been quoted in publications such as Wired.

Rob has more than a decade of security experience and once worked as a Software Engineer at Hewlett-Packard's Application Security Center. Rob was also with SPI Dynamics where he was a software engineer on the dynamic analysis engine for WebInspect and the static analysis engine for DevInspect.


Oscar Salazar

About the author, Oscar Salazar

Principal Product Researcher

Oscar Salazar is a Principal Product Researcher at Bishop Fox. In this role, he has experience with red teaming, application penetration testing, source code review, network penetration testing, secure software design, and product security reviews. He focuses on research and development of the Continuous Attack Surface Testing (CAST) platform. Oscar has presented at many of the leading security conferences including Black Hat USA, DEF CON, RSA, BSides, Hacker Halted, SyScan 360, and SAS. His research, particularly surrounding anti-anti-automation, has appeared in Wired, eWeek, Fox News, Threatpost, and Gigaom.

Additionally, he has been a featured speaker on the Dark Reading Radio series. Prior to joining Bishop Fox, Oscar served as a web security research engineer at Hewlett Packard's Application Security Center where he designed and developed security checks for the WebInspect web application security scanner. In addition, his research involved developing more effective methods of scanning web applications.

