Getting Started with Hacking AWS ECS
Cloud Security Podcast12 Jan 2023

Getting Started with Hacking AWS ECS

Cloud Security Podcast - This month we are talking about "Breaking the AWS Cloud" and next up on this series, we spoke to Gafnit Amiga (Gafnit's Linkedin), VP of Security Research at Lightspin who recently discovered the AWS Elastic Container Registry Public (ECR Public) vulnerability. She spoke to us about how she goes about doing cloud security research and what AWS ECS and ECR is.

Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv

Host Twitter: Ashish Rajan (@hashishrajan)

Guest Twitter: Gafnit Amiga (Gafnit's Linkedin)

Podcast Twitter - @CloudSecPod @CloudSecureNews

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- Cloud Security News

- Cloud Security Academy

Spotify TimeStamp for Interview Questions

(00:00) Introduction
(02:28) snyk.io/csp
(02:57) A bit about Gafnit
(05:15) What is AWS ECS and ECR?
(08:18) Why do people use ECS and ECR?
(09:58) The ECR vulnerability Gafnit discovered
(15:16) Vulnerability scanning for containers in AWS ECR
(16:42) How do you find undocumented APIs in AWS?
(17:58) Attack techniques in AWS
(22:43) How to protect your AWS accounts?
(25:14) Focus areas for Cloud Security Research in 2023
(25:48) Finding vulnerability through research
(29:00) Resources for Cloud Security Research

(31:04) The Fun Section

See you at the next episode!

Episoder(344)

A TECHNICAL WOMEN DELIVERING NON-TECHNICAL TRAINING IN CYBERSECURITY | HOW TO BUILD CYBERSECURITY TRAINING PROGRAM- Fareedah Shaheed, Online Safety and Security Strategist, Sekuva

A TECHNICAL WOMEN DELIVERING NON-TECHNICAL TRAINING IN CYBERSECURITY | HOW TO BUILD CYBERSECURITY TRAINING PROGRAM- Fareedah Shaheed, Online Safety and Security Strategist, Sekuva

In this episode, we sit with Fareedah Shaheed, Online Safety and Security Strategist @Sekuva. Fareedah & Ashish spoke about Importance of being technical for women in cybersecurity? Challenges of ...

29 Mar 202031min

How HASHICORP works with 90 percent Staff works Remotely | Incident Response | AWS Cloud Native! - Will Bengtson

How HASHICORP works with 90 percent Staff works Remotely | Incident Response | AWS Cloud Native! - Will Bengtson

In this episode, we sit with Will Bengtson, Director for Threat Detection and Response, Hashicorp. Will & Ashish spoke about What is Cloud Native & Cloud Security? How do you start with Threat Dete...

22 Mar 202057min

Multi Cloud Strategy | Multi Cloud Management for companies of all size - David Linthicum , Chief Cloud Strategy Officer for Delloite

Multi Cloud Strategy | Multi Cloud Management for companies of all size - David Linthicum , Chief Cloud Strategy Officer for Delloite

In this episode, we sit with David Linthicum, Chief Cloud Strategy Officer for Delloite. David & Ashish spoke about What is Cloud Security? How is security of data different/same in cloud from on-p...

15 Mar 202044min

CCPA COMPLIANCE | CALIFORNIA CONSUMER PRIVACY ACT | DATA GOVERNANCE BEST PRACTICES - TAYLOR HERSOM, VCISO, AUSTIN,TEXAS

CCPA COMPLIANCE | CALIFORNIA CONSUMER PRIVACY ACT | DATA GOVERNANCE BEST PRACTICES - TAYLOR HERSOM, VCISO, AUSTIN,TEXAS

In this episode, we sit with Taylor Hersom, vCISO, Austin,Texas. Taylor & Ashish spoke about Data privacy and Cloud Security California Consumer Privacy Act and how it affects all organisations aro...

8 Mar 202035min

Docker Security Best practice | Container Security 101 in AWS - Michael Hausenblas, Product Developer Advocate, AWS

Docker Security Best practice | Container Security 101 in AWS - Michael Hausenblas, Product Developer Advocate, AWS

Michael Hausenblas is a Product Developer Advocate, Amazon Web Services (AWS) Container Service team. Michael & Ashish spoke about Basics of Container Security Keeping Containers stateless vs buil...

1 Mar 202042min

Threat Intelligence platform for cyber security in Azure | Incident Response in Azure - Ashwin Patil, Threat Intelligence Center, Microsoft

Threat Intelligence platform for cyber security in Azure | Incident Response in Azure - Ashwin Patil, Threat Intelligence Center, Microsoft

Ashwin Patel is a Senior Program Manager, Threat Intelligence Microsoft. Ashwin & Ashish in this episode spoke about Capital One Data breach and how Azure Sentinel could have helped Setting up Secu...

1 Mar 202035min

MICROSOFT IGNITE 2020 SYDNEY | Getting started with securing Microsoft Azure Workload- David O'Brien, Microsoft MVP for Azure

MICROSOFT IGNITE 2020 SYDNEY | Getting started with securing Microsoft Azure Workload- David O'Brien, Microsoft MVP for Azure

David & Ashish spoke about What is Microsoft Ignite vs Microsoft Ignite Tour and why should cloud security people care about the event? Microsoft Ignite 2020 Sydney and Johannesburg What were th...

16 Feb 202046min

Is public cloud secure? - Francesco Cipollone, Cloud Security Alliance

Is public cloud secure? - Francesco Cipollone, Cloud Security Alliance

In this episode we speak to Francesco Cipollone, Head of Cloud Security Alliance for UK Francesco and Ashish speak about is public cloud secure and if multi-cloud is a good thing, especially if you a...

9 Feb 202034min

Populært innen Teknologi

lydartikler-fra-aftenposten
romkapsel
teknisk-sett
tomprat-med-gunnar-tjomlid
rss-impressions-2
shifter
rss-ki-praten
fornybaren
rss-alt-vi-kan
smart-forklart
teknologi-og-mennesker
rss-praktisk-proptech
nasjonal-sikkerhetsmyndighet-nsm
elektropodden
rss-ai-forklart
energi-og-klima
rss-teknologioptimistene-energibransjens-it-podcast
pedagogisk-intelligens
rss-for-alarmen-gar
rss-startup