Getting Started with Hacking AWS ECS
Cloud Security Podcast12 Jan 2023

Getting Started with Hacking AWS ECS

Cloud Security Podcast - This month we are talking about "Breaking the AWS Cloud" and next up on this series, we spoke to Gafnit Amiga (Gafnit's Linkedin), VP of Security Research at Lightspin who recently discovered the AWS Elastic Container Registry Public (ECR Public) vulnerability. She spoke to us about how she goes about doing cloud security research and what AWS ECS and ECR is.

Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv

Host Twitter: Ashish Rajan (@hashishrajan)

Guest Twitter: Gafnit Amiga (Gafnit's Linkedin)

Podcast Twitter - @CloudSecPod @CloudSecureNews

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- Cloud Security News

- Cloud Security Academy

Spotify TimeStamp for Interview Questions

(00:00) Introduction
(02:28) snyk.io/csp
(02:57) A bit about Gafnit
(05:15) What is AWS ECS and ECR?
(08:18) Why do people use ECS and ECR?
(09:58) The ECR vulnerability Gafnit discovered
(15:16) Vulnerability scanning for containers in AWS ECR
(16:42) How do you find undocumented APIs in AWS?
(17:58) Attack techniques in AWS
(22:43) How to protect your AWS accounts?
(25:14) Focus areas for Cloud Security Research in 2023
(25:48) Finding vulnerability through research
(29:00) Resources for Cloud Security Research

(31:04) The Fun Section

See you at the next episode!

Episoder(344)

Finding and Fixing SECURITY BUGS IN GOOGLE CLOUD - Dylan Ayrey

Finding and Fixing SECURITY BUGS IN GOOGLE CLOUD - Dylan Ayrey

In this episode of the Virtual Coffee with Ashish edition, we spoke with Dylan Ayrey (@insecurenature) is a Professional Hacker and Co-Founder of Truffle Security (@TruffleSecurity-Linkedin) Episode S...

6 Jun 20211h 1min

Attacking and Defending Managed Kubernetes Clusters - Brad Geesaman

Attacking and Defending Managed Kubernetes Clusters - Brad Geesaman

In this episode of the Virtual Coffee with Ashish edition, we spoke with Brad Geesaman (@bradgeesaman) is a Senior Cloud Native and Kubernetes Security Professional and the Co- Founder of Darkbit (@Da...

30 Mai 202159min

Kubernetes Runtime Threat Detection and Response - Falco, Sysdig

Kubernetes Runtime Threat Detection and Response - Falco, Sysdig

In this episode of the Virtual Coffee with Ashish edition, we spoke with Dan “POP“ Papandrea (@danpopnyc) is the CNCF Ambassador, Director of Open Source Community and Ecosystem (@sysdig) and Podcast ...

23 Mai 202152min

Study Hall - Attacking K8S Cluster Defaults!

Study Hall - Attacking K8S Cluster Defaults!

In this Study Hall - Ashish goes through Kubernetes Components to start understanding the Kubernetes Architecture READ the Multi-part Medium Article here - Ultimate Guide to Kubernetes Security For...

20 Mai 202125min

Start here for Kubernetes Security - Magno Logan

Start here for Kubernetes Security - Magno Logan

In this episode of the Virtual Coffee with Ashish edition, we spoke with Magno Logan (@MagnoLogan) is the Security Researcher, Trend Micro(@TrendMicro) Episode ShowNotes, Links and Transcript on Cloud...

16 Mai 202158min

Study Hall - Kubernetes Concepts and Architecture Explained!

Study Hall - Kubernetes Concepts and Architecture Explained!

In this Study Hall - Ashish goes through Kubernetes Components to start understanding the Kubernetes Architecture READ the Multi-part Medium Article here - Ultimate Guide to Kubernetes Security For ...

12 Mai 202119min

Risk Analysis of Kubernetes Security - Mark Manning, Snowflake

Risk Analysis of Kubernetes Security - Mark Manning, Snowflake

In this episode of the Virtual Coffee with Ashish edition, we spoke with Mark Manning (@antitree) is the Principal Security Architect at Snowflake(@SnowflakeDB). Before this he used to run Kubernetes ...

9 Mai 202149min

Study Hall - What is Kubernetes & Why do you NEED TO know about it?

Study Hall - What is Kubernetes & Why do you NEED TO know about it?

In this Study Hall - Ashish goes through WHAT IS Kubernetes? What Kubernetes is NOT? & Should you start refactoring or building infrastructure in Kubernetes today? For Similar Topics covered in ot...

5 Mai 202110min

Populært innen Teknologi

lydartikler-fra-aftenposten
romkapsel
teknisk-sett
tomprat-med-gunnar-tjomlid
rss-impressions-2
shifter
fornybaren
teknologi-og-mennesker
smart-forklart
rss-ki-praten
rss-alt-vi-kan
elektropodden
pedagogisk-intelligens
rss-praktisk-proptech
rss-heis
rss-ai-forklart
hans-petter-og-co
nasjonal-sikkerhetsmyndighet-nsm
kortslutning
rss-teknologioptimistene-energibransjens-it-podcast