Secret Agents: Demystifying (and Pwning) Cloud Middleware
07-25, 16:00–16:20 (US/Eastern), Room 1

In this session, we will unveil new research on the unseen risk of "cloud middleware" - the proprietary software that bridges customers' virtual machines and cloud service providers' integrations. We found that this software is commonly installed on customers' virtual machines without the customer’s awareness or explicit consent and can often introduce new potential attack surfaces to cloud environments.

When Microsoft patched vulnerabilities found in the secretly installed agent Open Management Infrastructure (OMI), it was initially the customers' responsibility to update all the vulnerable agents running across their environments - agents they were not aware existed! Even today, the maintenance of implicitly-installed cloud agents does not perfectly fit the shared responsibility model. Are cloud service providers responsible for keeping the agents they are installing up-to-date as most customers expect? In our session, we will present unique statistics regarding how long cloud middleware agents remain vulnerable after exploits are made public, and discuss details about the patching process.

Nir Ohfeld is a security researcher from Israel. Nir currently does cloud-related security research at Wiz. Nir specializes in the exploitation of web applications, application security and in finding vulnerabilities in complex high-level systems.

This speaker also appears in:

Rotem Lipowitch is a threat researcher at the Wiz Research team. She specializes in emerging cyber security threats and vulnerability analysis, researching and developing new ways to detect cyber security threats. Aside from infosec, Rotem loves interior design, painting, and CrossFit.