Secrets and Shadows: Leveraging Big Data for Vulnerability Discovery

Explore an innovative DEF CON conference talk that revolutionizes traditional vulnerability discovery approaches by leveraging unconventional data sources and big data analytics. Dive into scalable security research methodologies that move beyond targeting specific platforms or applications, instead focusing on identifying vulnerabilities first and then connecting them to potential targets. Learn about two key examples - forgotten cloud assets and leaked secrets - while understanding the underlying design flaws that make them possible. Discover how this groundbreaking approach has uncovered tens of thousands of significant security weaknesses in major organizations worldwide. Gain insights into the systemic incentives that create these vulnerabilities and explore industry-wide solutions to address these ecosystem issues. Master scalable techniques for identifying commonly overlooked bugs and understand the potentially devastating impact of seemingly minor misconfigurations in cybersecurity.