DEF CON Forum Site Header Art

Announcement

Collapse
No announcement yet.

Least privilege using infrastructure as code

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Least privilege using infrastructure as code

    Title: Least privilege using infrastructure as code

    Description:
    Security teams in the cloud are faced with an overwhelming amount of information to process in order to keep their environments secure. Keeping up with everything manually is a difficult, never-ending task where failure can have high consequences. Permissions management can be a time-consuming task, and as a security engineer, you’d often ask your self “how should have access to what?” , “who have access it in the past?” and “Is it OK to remediate those excessive permissions or would it cause a downtime?“.

    In this talk, we will demonstrate a method to automatically secure a live AWS IAM environment to a specific, less-permissive role that best fits the access pattern using the open-source tool: https://github.com/bridgecrewio/AirIAM/ . At the end of the talk, we will have a result in Terraform code with a much smaller attack surface and reduced risk.

    =====

    YouTube: https://www.youtube.com/watch?v=gwBG_oKDINQ

    #cloudv-general-text: https://discord.com/channels/7082082...33373172285520

    Speaker(s): Nimrod Kor

    Location: Cloud Vlg

    Discord: https://discord.com/channels/7082082...33373172285520

    Event starts: 2020-08-08 11:00 (11:00 AM) PDT (UTC -07:00)

    Event ends: 2020-08-08 11:45 (11:45 AM) PDT (UTC -07:00)

    For the most up-to-date information, please either visit https://info.defcon.org, or use HackerTracker, which is available for iOS and Android. This is an automated message, and this data was last modified 2020-08-08T05:42 (UTC).
    Starts
    August 8, 2020 11:00
    Ends
    August 8, 2020 11:45
    Location
    Cloud Vlg
    Last edited by aNullValue; August 8, 2020, 00:18.
Working...
X