Hey - doesn’t that cloud look like all your data? Current and novel methods of finding exposed cloud assets
2023-11-04, TRACK 2

Cloud services are often deployed without anyone realising which assets are being publicly exposed. This has led to data breaches in the past, such as in 2017, when 198 million voter records were exposed through a public S3 bucket. As companies move more security-critical components of their infrastructure to the cloud, this risk keeps growing. This talk will give attendees a methodology for finding exposed cloud assets, as well as a new technique that can be used to find instances of most AWS services. It details current cloud asset enumeration techniques and uses AWS Cognito as a case study to show how an exposed cloud asset could allow an attacker to gain a foothold in an AWS environment or gain unauthorised access to an application. It concludes with a new technique that can identify millions of exposed cloud assets at scale using certificate transparency logs.

Shahnoor Kiani is a London-based security consultant at WithSecure specialising in Cloud Security. He comes from a cloud development background and has been researching the application of OSINT techniques to cloud assets, with the goal of identifying misconfigured cloud assets exposed to the internet. This interest has led him to research AWS Cognito, since he believes cloud-based identity providers present an emerging threat to companies that do not manage their assets properly. Outside of work he enjoys cooking and baking. He also skates occasionally and enjoys singing and playing the guitar.