BSides Birmingham 2023

Cloud Misconfigurations and Breaches
2023-10-28 , Ballroom D

In this talk, I give an overview of different cloud misconfigurations that have led to a variety of breaches. I also discuss different remediation steps corresponding to each misconfiguration.


This talk deep dives into some of the biggest cloud-related breaches, such as Capital One, Uber 2016, Chegg, and many more. We also dive into the initial misconfigurations that allowed these attacks to happen some of which include, S3 Bucket Access issues, Poor Secrets Management, and Monitoring/Logging issues.


Talk Categories:

Blue, Beginner

Mark Gaddy recently graduated from the University of West Florida with a degree in Cyber Security. At the University of West Florida, Mark was President of the Cyber Security Club, competing in red and blue team competitions. Mark is the IT Director at Calvary Academy and is working towards doing more vulnerability research and gaining certifications in the offensive security space.