Title: Least privilege using infrastructure as code
Description:
Security teams in the cloud are faced with an overwhelming amount of information to process in order to keep their environments secure. Keeping up with everything manually is a difficult, never-ending task where failure can have high consequences. Permissions management can be a time-consuming task, and as a security engineer, you’d often ask yourself “who should have access to what?”, “who has accessed it in the past?” and “Is it OK to remediate those excessive permissions or would it cause downtime?”.
In this talk, we will demonstrate a method to automatically secure a live AWS IAM environment to a specific, less-permissive role that best fits the access pattern using the open-source tool https://github.com/bridgecrewio/AirIAM/. At the end of the talk, we will have a result in Terraform code with a much smaller attack surface and reduced risk.
=====
YouTube: https://www.youtube.com/watch?v=gwBG_oKDINQ
#cloudv-general-text: https://discord.com/channels/7082082...33373172285520
Speaker(s): Nimrod Kor
Location: Cloud Vlg
Discord: https://discord.com/channels/7082082...33373172285520
Event starts: 2020-08-08 11:00 (11:00 AM) PDT (UTC -07:00)
Event ends: 2020-08-08 11:45 (11:45 AM) PDT (UTC -07:00)
For the most up-to-date information, please either visit https://info.defcon.org, or use HackerTracker, which is available for iOS and Android. This is an automated message, and this data was last modified 2020-08-08T05:42 (UTC).
