Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Understanding Security Implications of Exposed Cloud Services through Automated Capability Inference

USENIX via YouTube

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a critical security presentation from USENIX Security '23 focusing on the vulnerabilities of cloud services used by mobile applications. Delve into the research conducted by experts from the University of Central Florida, Meta, ServiceNow, and Indiana University Bloomington, which examines the security implications of over-privileged cloud credentials. Learn about their systematic approach to recovering cloud credentials from apps, inferring cloud capabilities, and verifying if these capabilities exceed legitimate needs. Discover the findings from a large-scale study of approximately 1.3 million apps across AWS, Azure, and Alibaba Cloud platforms, revealing that 27.3% of apps using cloud services expose over-privileged credentials. Gain insights into new types of attacks enabled by regular cloud credentials, including spear-phishing through push notifications and targeted user data pollution. Understand the impact of this research, which has led to over 300 app vendors addressing the identified security issues.

Syllabus

USENIX Security '23 - Credit Karma: Understanding Security Implications of Exposed Cloud Services...

Taught by

USENIX

Reviews

Start your review of Understanding Security Implications of Exposed Cloud Services through Automated Capability Inference

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.