Unveiling the Vulnerabilities: Hacking Cloud Native Apps and Discovering the Silver Lining

Explore the critical security vulnerabilities in cloud-native applications through this comprehensive conference talk. Delve into the risks associated with cloud storage services like S3/GCP Buckets, Cognito/SSO OAuth implementations, and API endpoint protection. Gain valuable insights into identifying, exploiting, and mitigating vulnerabilities in user authentication systems, cloud storage services, and API-based microservices using serverless lambda functions. Learn practical techniques for manual penetration testing and automated tool usage to enhance the security of cloud-native applications. Discover the unique challenges and opportunities presented by cloud infrastructure, including technological advancements, resource availability, and cost savings compared to traditional setups. Walk away with essential knowledge on implementing effective mitigation strategies to safeguard cloud-native applications against potential security threats.