Explore a comprehensive security conference talk that delves into the vulnerabilities and potential exploits within OpenID Connect (OIDC) implementations in cloud environments. Learn the fundamentals of OIDC, including its core components and interactions between different entities, particularly in CI/CD workflows. Discover various attack vectors stemming from misconfigurations and under-configurations, from both user and Identity Provider perspectives. Examine real-world examples of security vulnerabilities, including a significant finding in a major CI vendor that enabled unauthorized access to customer cloud environments. Master the understanding of OIDC security implications as organizations transition from static credentials to this more modern authentication method, with practical demonstrations of how seemingly secure configuration options can lead to system compromises. Gain insights into how leaked OIDC tokens from a single repository can be leveraged to access private clouds, and understand the security implications of Identity Provider misconfigurations.
Abusing OIDC Authentication for Cloud Security Vulnerabilities
Overview
Syllabus
DEF CON 32 - OH MY DC Abusing OIDC all the way to your cloud - Aviad Hahami
Taught by
DEFCONConference
Related Courses
-
Secure the Build, Secure the Cloud: Using OIDC Tokens in CI/CD Pipelines
-
Security & Identity Fundamentals
-
OIDC and CI/CD: Reducing Security Threats in Your CI Pipeline
-
Master SAML 2.0 with Okta
-
GitHub Azure AD OIDC Authentication for Actions
-
From Keyless to Careless - Abusing Misconfigured OIDC Authentication in Cloud Environments
