On-Demand Webinar: Understanding Attack Tactics to Better Secure Your AWS Environment

[On-Demand]

AWS is one of the most popular providers hosting cloud infrastructure for some of the world’s largest organizations. No surprise, then, that it has become a prime target for attack groups, which have built many exploits and attack techniques specifically aimed at AWS accounts. 

Watch our recent workshop, where we simulate an attack pathway using an open source framework (CloudGoat) that provisions vulnerable infrastructure. 

After simulating the attack and breaking down its components, we look at configurations / tools that could have been used to prevent parts of the attack path or significantly mitigate risk. We show you how to perform these implementations and give you the opportunity to do so during the workshop. We also demonstrate additional abilities provided by the Ermetic platform for a more advanced solution.

The workshop is meant for DevOps professionals with an interest in security and who have basic knowledge of AWS and CLI tools. 

On top of demonstrating CloudGoat, this workshop provides a great intro to topics such as: 

  • How to limit the usage of IAM Users access keys and IAM users in general to reduce risk from their mismanagement
  • How to reduce the permissions granted to identities in AWS 
  • How to avoid storage of sensitive information in non-sensitive locations 
  • Why you should enforce usage of IMDSv2 on your EC2 instances as much as possible 
Hosted by:
Lior Zatlavi, Sr. Cloud Security Architect, Ermetic 

 

Fill in your details to watch the webinar!