On-Demand Webinar: AWS EC2 IMDS

What You Need to Know

[On Demand]

Are you using AWS EC2? 

If so, whether you realize it or not, you are likely using Instance Metadata Service (IMDS), a significant component of EC2 instances. 

Many users know IMDS as an invaluable instrument for seamlessly maintaining and supplying credentials for applications running on instances to access resources in AWS. Not knowing enough about how it works - and not applying this knowledge to configure the instances correctly - might put your credentials at risk of being exfiltrated, exposing your environments to malicious activity. 

Listen to our on-demand webinar, where we review how to implement EC2 IMDS - focusing on the two versions of its API and how they differ. We explore why it’s important to know and how to configure it correctly for new instances, how to responsibly reconfigure it more securely for existing instances, what may still put them at risk and what security lessons to take away from this analysis. 

We also present real stats about proper IMDS usage from our experience securing massive amounts of workloads in our research work for a leading cloud security vendor. In addition, we demonstrate how vulnerable software may be leveraged by an attacker to gain access to credentials - even when IMDSv2 is enforced.

Join us to learn more about: 

  • Why it is important to enforce IMDSv2 on your instances
  • What tools you have available to enforce it responsibly
  • How using vulnerable software can expose your instance to credential theft
  • What compensating controls can be used to make up for such vulnerabilities?

Presented by:

  • Lior Zatlavi, Ermetic Sr. Cloud Security Architect
  • Liv Matan, Ermetic Security Researcher


Fill in your details to register for the webinar!