Getting Started with Hacking AWS ECS
Cloud Security Podcast12 Jan 2023

Getting Started with Hacking AWS ECS

Cloud Security Podcast - This month we are talking about "Breaking the AWS Cloud" and next up on this series, we spoke to Gafnit Amiga (Gafnit's Linkedin), VP of Security Research at Lightspin who recently discovered the AWS Elastic Container Registry Public (ECR Public) vulnerability. She spoke to us about how she goes about doing cloud security research and what AWS ECS and ECR is.

Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv

Host Twitter: Ashish Rajan (@hashishrajan)

Guest Twitter: Gafnit Amiga (Gafnit's Linkedin)

Podcast Twitter - @CloudSecPod @CloudSecureNews

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- Cloud Security News

- Cloud Security Academy

Spotify TimeStamp for Interview Questions

(00:00) Introduction
(02:28) snyk.io/csp
(02:57) A bit about Gafnit
(05:15) What is AWS ECS and ECR?
(08:18) Why do people use ECS and ECR?
(09:58) The ECR vulnerability Gafnit discovered
(15:16) Vulnerability scanning for containers in AWS ECR
(16:42) How do you find undocumented APIs in AWS?
(17:58) Attack techniques in AWS
(22:43) How to protect your AWS accounts?
(25:14) Focus areas for Cloud Security Research in 2023
(25:48) Finding vulnerability through research
(29:00) Resources for Cloud Security Research

(31:04) The Fun Section

See you at the next episode!

Avsnitt(344)

Kubernetes (Goat) Vulnerable by Design - Madhu Akula

Kubernetes (Goat) Vulnerable by Design - Madhu Akula

In this episode of the Virtual Coffee with Ashish edition, we spoke with Madhu Akula (@madhuakula) is an international Kubernetes Security Public Speaker, Black Hat Trainer, Creator of open source rep...

2 Maj 202149min

CISO PERSPECTIVE SERIES: LINKEDIN CISO - Geoff Belknap

CISO PERSPECTIVE SERIES: LINKEDIN CISO - Geoff Belknap

In this episode of the Virtual Coffee with Ashish edition, we spoke with Geoff Belknap (@geoffbelknap) is the Chief Security Officer of Linkedin (@LinkedIn). In this episode, Geoff & Ashish spoke abou...

27 Apr 202153min

Study Hall: Honest truth behind learning Kubernetes

Study Hall: Honest truth behind learning Kubernetes

In this Study Hall - Kelsey Hightower explains is it really complex to learn Kubernetes and whether it's really complex. Nothing but the Honest Trust from Kelsey on this episode. Full Episode on Clo...

27 Apr 20215min

Building Threat Detection for your Cloud Environment

Building Threat Detection for your Cloud Environment

In this episode of the Virtual Coffee with Ashish edition, we spoke with Ashwin Patil (@ashwinpatil) who is a returning guest from Season 1 of the Cloud Security Podcast. Ashwin is a Senior Program Ma...

18 Apr 202150min

Cloud Governance using Infrastructure as Code (IaC)

Cloud Governance using Infrastructure as Code (IaC)

In this episode of the Virtual Coffee with Ashish edition, we spoke with Ohad Maishlish is the CEO & Co-Founder of env0. Host: Ashish Rajan - Twitter @hashishrajan Guest: Ohad Maislish - Linkedin ...

11 Apr 202140min

Kubernetes Security Explained for those starting today! - Kelsey Hightower

Kubernetes Security Explained for those starting today! - Kelsey Hightower

In this episode of the Virtual Coffee with Ashish edition, we spoke with Kelsey Hightower (@kelseyhightower) is the Staff Advocate at Google Cloud (@GoogleCloud) and co-author of “Kubernetes: Up and R...

4 Apr 202154min

Getting Infrastructure as Code (IaC) Security Culture right! - Yoni Leitersdorf

Getting Infrastructure as Code (IaC) Security Culture right! - Yoni Leitersdorf

In this episode of the Virtual Coffee with Ashish edition, we spoke with Yoni Leitersdorf (@yonadavl) who is the CEO & Co-Founder of Indeni Host: Ashish Rajan - Twitter @hashishrajan Guest: Yoni Le...

28 Mars 202143min

Azure Security Best Practices for Cloud Architects - John Savill

Azure Security Best Practices for Cloud Architects - John Savill

In this episode of the Virtual Coffee with Ashish edition, we spoke with John Savill (Linkedin_John Savill) is the Principal Cloud Architect, Author and YouTuber. Host: Ashish Rajan - Twitter @hashi...

21 Mars 202157min

Populärt inom Teknik

uppgang-och-fall
elbilsveckan
bilar-med-sladd
rss-technokratin
market-makers
skogsforum-podcast
natets-morka-sida
rss-elektrikerpodden
rss-en-ai-till-kaffet
har-vi-akt-till-mars-an
bli-saker-podden
rss-laddstationen-med-elbilen-i-sverige
dom-kallar-oss-krypto
developers-mer-an-bara-kod
hej-bruksbil
rss-snacka-om-ai
rss-upplyst-entreprenordirektor
rss-fabriken-2
rss-veckans-ai
rss-milpodden