SmogCloud: Expose Yourself Without Insecurity - Cloud Breach Patterns
Black Hat USA 2020 presentation looks at pragmatic ways to answer vital security questions in your AWS environment.
Presentation by Rob Ragan at Black Hat USA 2020
Do you know what's internet accessible in your AWS environments? The answer and methodology of how you arrive at the answer may be the difference between missing critical exposures and complete situational awareness.
Dynamic and ephemeral exposures are being created on an unprecedented level and your old generation of tools, techniques, and internet scanners can't find them.
In this presentation we look at the most pragmatic ways to continuously analyze your AWS environments and operationalize that information to answer vital security questions. Demonstrations include integration between IAM Access Analyzer, Tiros Reachability API, and Bishop Fox CAST Cloud Connectors, along with a new open source tool SmogCloud to find continuously changing AWS internet-facing services.
- Learn how to continuously maintain an inventory of AWS services and understand their internet-exposures.
- Discover how to leverage automation from AWS Access Analyzer and a freely available open source tool from Bishop Fox to operationalize exposure testing.
- See practical demonstrations of how engineering and security teams can determine impact of their security group configurations.