Overview
Explore potential security risks associated with Terraform, a popular infrastructure-as-code tool, in this 35-minute conference talk from LASCON. Discover how malicious actors can exploit Terraform to elevate privileges, exfiltrate sensitive data, and gain unauthorized access to cloud environments. Witness live demonstrations of real-world attack scenarios and learn practical recommendations for securing Terraform implementations to protect your infrastructure from potential threats.
Syllabus
Mike McCabe - Infrastructure as Remote Code Execution: How to abuse Terraform to elevate access
Taught by
LASCON