DEF CON Forum Site Header Art

Announcement

Collapse
No announcement yet.

Have my keys been pwned? - API Edition

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Have my keys been pwned? - API Edition

    Current status quo of credential management in cloud related DEVOPS environments enables attackers to easily obtain leaked credentials. This presentation showcases how leaked credentials in public repositories can potentially lead to further compromise in enterprise environments.The focus will be on the DEVOPS attack surface and the toolchains involved within this process in cloud platform environments. Presenters will use a recently released tool (Git Wild Hunt) to show how public leaks can lead to further compromise of individuals and enterprises with actual examples of derived information from compromised secrets. An analysis of credentials leaked globally and its source (company affected and user) will be provided as examples.

    Speaker(s): José Hernandez, Rod Soto

    Location: Red Team Vlg

    Discord: https://discord.com/channels/7082082...77357820411944

    Event starts: 2020-08-09 15:00 (03:00 PM) PDT (UTC -07:00)

    Event ends: 2020-08-09 16:00 (04:00 PM) PDT (UTC -07:00)

    For the most up-to-date information, please either visit https://info.defcon.org, or use HackerTracker, which is available for iOS and Android. This is an automated message, and this data was last modified 2020-07-29T01:28 (UTC).
    Starts
    August 9, 2020 15:00
    Ends
    August 9, 2020 16:00
    Location
    Red Team Vlg
Working...
X