Getting Started with Hacking AWS ECS
Cloud Security Podcast12 Jan 2023

Getting Started with Hacking AWS ECS

Cloud Security Podcast - This month we are talking about "Breaking the AWS Cloud" and next up on this series, we spoke to Gafnit Amiga (Gafnit's Linkedin), VP of Security Research at Lightspin who recently discovered the AWS Elastic Container Registry Public (ECR Public) vulnerability. She spoke to us about how she goes about doing cloud security research and what AWS ECS and ECR is.

Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv

Host Twitter: Ashish Rajan (@hashishrajan)

Guest Twitter: Gafnit Amiga (Gafnit's Linkedin)

Podcast Twitter - @CloudSecPod @CloudSecureNews

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- Cloud Security News

- Cloud Security Academy

Spotify TimeStamp for Interview Questions

(00:00) Introduction
(02:28) snyk.io/csp
(02:57) A bit about Gafnit
(05:15) What is AWS ECS and ECR?
(08:18) Why do people use ECS and ECR?
(09:58) The ECR vulnerability Gafnit discovered
(15:16) Vulnerability scanning for containers in AWS ECR
(16:42) How do you find undocumented APIs in AWS?
(17:58) Attack techniques in AWS
(22:43) How to protect your AWS accounts?
(25:14) Focus areas for Cloud Security Research in 2023
(25:48) Finding vulnerability through research
(29:00) Resources for Cloud Security Research

(31:04) The Fun Section

See you at the next episode!

Avsnitt(344)

AWS Security - Managing Threat Detection and Response

AWS Security - Managing Threat Detection and Response

In this episode of the Virtual Coffee with Ashish edition, we spoke with Ely Khan (@elykahn) is the Principal Product Manager at AWS (@AWS). Episode ShowNotes, Links and Transcript on Cloud Security P...

21 Juli 202146min

Cloud Security RoadMap - Scott Piper

Cloud Security RoadMap - Scott Piper

In this episode of the Virtual Coffee with Ashish edition, we spoke with Scott Piper (@0xdabbad00) is a AWS Security Legend who has written AWS Security tools for the community and among other things ...

18 Juli 20211h 4min

Comparing Cloud Security Tools - CWPP, CSPM, CASB & CNAPP

Comparing Cloud Security Tools - CWPP, CSPM, CASB & CNAPP

In this episode of the Virtual Coffee with Ashish edition, we spoke with Patrick Pushor (@CloudChronicle) is the Technical Evangelist at Orca Security (@OrcaSec). Episode ShowNotes, Links and Transcri...

11 Juli 202149min

Cloud Infrastructure Security at Scale - Netflix

Cloud Infrastructure Security at Scale - Netflix

In this episode of the Virtual Coffee with Ashish edition, we spoke with Srinath Kuruvadi (@Srinath Kuruvadi) is the Head of Cloud Infrastructure Security at Netflix (@Netflix). Episode ShowNotes, Lin...

4 Juli 202149min

Hacker Valley Studio - ExIST Framework to reach Peak Performance in CyberSecurity

Hacker Valley Studio - ExIST Framework to reach Peak Performance in CyberSecurity

In this episode of the Virtual Coffee with Ashish edition, we spoke with Chris Cochran (@chriscochrcyber) and Ronald Eddings (@ronaldeddings) are the host of a CyberSecurity Podcast called Hacker Vall...

27 Juni 202137min

Finding Security Bugs in Google Cloud - Kat Traxler

Finding Security Bugs in Google Cloud - Kat Traxler

In this episode of the Virtual Coffee with Ashish edition, we spoke with Kat Traxler (@nightmarejs) is the Cloud Security Engineering Lead, Best Buy(@BestBuy). Episode ShowNotes, Links and Transcript ...

20 Juni 202137min

Hacker stories from the Internet - Darknet Diaries

Hacker stories from the Internet - Darknet Diaries

In this episode of the Virtual Coffee with Ashish edition, we spoke with Jack Rhysider (@jackrhysider) is the host of Award Winning CyberSecurity Podcast Darknet Diaries (@DarknetDiaries). Episode Sho...

13 Juni 202157min

CSO Hall of Fame - 21 yrs in Cybersecurity: Challenges THEN & NOW

CSO Hall of Fame - 21 yrs in Cybersecurity: Challenges THEN & NOW

In this Mid Week special episode of the CISO Perspective edition, we spoke with Andy Ellis (@csoandy) is the Operating Partner at YL Ventures (@YLVentures) and the ex-CISO of Akamai (@Akamai). Episode...

10 Juni 202142min

Populärt inom Teknik

uppgang-och-fall
elbilsveckan
bilar-med-sladd
rss-technokratin
market-makers
skogsforum-podcast
natets-morka-sida
rss-elektrikerpodden
rss-en-ai-till-kaffet
har-vi-akt-till-mars-an
bli-saker-podden
rss-laddstationen-med-elbilen-i-sverige
dom-kallar-oss-krypto
developers-mer-an-bara-kod
hej-bruksbil
rss-snacka-om-ai
rss-upplyst-entreprenordirektor
rss-fabriken-2
rss-veckans-ai
rss-milpodden