Overview
Syllabus
Intro
Cloud is an Operating System
Code of the Operating System
AWS Application
Application Security
Servers
Digital or Virtual
Internet Weather
Guaranteed Failure
Response vs Control
The API
What is my new attack surface
Physical access
Credential exposure
Nuke the entire data center
Traditional controls
API keys
The good news
How to know quickly
Metadata
Cloud Metadata
Wget
Credentials
Unintended Proxy
Prezi
Controlling API Access
Dont Use Your Bill as an ID
Turn on CloudTrail
Excessive Lack of Access Control
DevOps Culture
Tags
EC2 Classic
AWS Buckets
Full Stack Hack
Big Systems
Making Life Easier
Permissions Analysis
Track Change
Other Tools
Questions
Taught by
Black Hat