Getting Started with Hacking AWS ECS
Cloud Security Podcast12 Jan 2023

Getting Started with Hacking AWS ECS

Cloud Security Podcast - This month we are talking about "Breaking the AWS Cloud" and next up on this series, we spoke to Gafnit Amiga (Gafnit's Linkedin), VP of Security Research at Lightspin who recently discovered the AWS Elastic Container Registry Public (ECR Public) vulnerability. She spoke to us about how she goes about doing cloud security research and what AWS ECS and ECR is.

Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv

Host Twitter: Ashish Rajan (@hashishrajan)

Guest Twitter: Gafnit Amiga (Gafnit's Linkedin)

Podcast Twitter - @CloudSecPod @CloudSecureNews

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- Cloud Security News

- Cloud Security Academy

Spotify TimeStamp for Interview Questions

(00:00) Introduction
(02:28) snyk.io/csp
(02:57) A bit about Gafnit
(05:15) What is AWS ECS and ECR?
(08:18) Why do people use ECS and ECR?
(09:58) The ECR vulnerability Gafnit discovered
(15:16) Vulnerability scanning for containers in AWS ECR
(16:42) How do you find undocumented APIs in AWS?
(17:58) Attack techniques in AWS
(22:43) How to protect your AWS accounts?
(25:14) Focus areas for Cloud Security Research in 2023
(25:48) Finding vulnerability through research
(29:00) Resources for Cloud Security Research

(31:04) The Fun Section

See you at the next episode!

Episoder(344)

What is the future of security operations with AI in 2024?

What is the future of security operations with AI in 2024?

How can AI impact Cloud Security Operations? Ashish sat down with Ely Kahn, VP of Cloud Security and AI at SentinelOne to talk about the evolving landscape of cloud security and the future of Security...

14 Jun 202423min

Cloud Native Security Strategies for 2024

Cloud Native Security Strategies for 2024

Is having a CSPM enough for Cloud Security? At RSA Conference 2024, Ashish sat down with returning guest Jimmy Mesta, Co-Founder and CTO of RAD Security, to talk about the complexities of Kubernetes s...

31 Mai 202431min

Real-World Cloud Security Challenges and Solutions Explained for 2024

Real-World Cloud Security Challenges and Solutions Explained for 2024

What are the practical steps for orienting yourself in a new cloud environment? Ashish sat down with Rich Mogull and Chris Farris to explore the intricacies of effective cloud security strategies. Dra...

21 Mai 202459min

Why Least Privilege Matters in Cloud Security?

Why Least Privilege Matters in Cloud Security?

What's the best way to navigate least privilege complexities in a multi cloud environment? And how is the role of identity management evolving? We spoke to Jeff Moncrief from Sonrai Security on why id...

14 Mai 202426min

How is Kubernetes Network Security Evolving?

How is Kubernetes Network Security Evolving?

How is eBPF impacting Kubernetes Network Security? In this episode, recorded LIVE at Kubecon EU Paris 2024, Liz Rice, Chief Open Source Officer at Isovalent took us through the technical nuances of eB...

30 Apr 202420min

The Future of Software Development with AI

The Future of Software Development with AI

How can we leverage AI for more secure and efficient code and how will it impact devsecops? Ashish spoke to Michael Hanley, CSO and SVP of Engineering at GitHub, about the transformative impact of Git...

23 Apr 202438min

The role of Real Time Defense in Cloud Security

The role of Real Time Defense in Cloud Security

In this episode from KubeCon Paris 2024, we spoke to Loris Degioanni, Co-Founder and CTO of Sysdig about Open Source Project, Falco that celebrated its graduation this year at KubeconEU, Loris shared ...

16 Apr 202421min

CISO's guide to embracing risk in business

CISO's guide to embracing risk in business

What is it like to build a successful business based on risk? In this episode Ashish spoke to Fredrick Lee, CISO at Reddit. FLee shared his deep insights into the essential role of risk in driving bus...

9 Apr 202448min

Populært innen Teknologi

lydartikler-fra-aftenposten
romkapsel
teknisk-sett
tomprat-med-gunnar-tjomlid
rss-impressions-2
shifter
rss-ki-praten
fornybaren
rss-alt-vi-kan
smart-forklart
teknologi-og-mennesker
rss-praktisk-proptech
nasjonal-sikkerhetsmyndighet-nsm
elektropodden
rss-ai-forklart
energi-og-klima
rss-teknologioptimistene-energibransjens-it-podcast
pedagogisk-intelligens
rss-for-alarmen-gar
rss-startup