fwd:cloudsec 2023

Andre Rall

Andre Rall: A Dedicated Cloud Security Professional

Rapid7: Beginning the Journey as a Security Sales Engineer

Andre's career started at Rapid7, a leading provider of security solutions. In his role as a Security Sales Engineer, he facilitated technical conversations with customers and prospects for the company's flagship products. This experience helped him develop a strong foundation in security concepts and customer relations, preparing him for the challenges ahead.

Rackspace: Building Expertise in Security and Operations

After Rapid7, Andre joined Rackspace, a managed cloud computing company, where he spent seven years overseeing various security and operations teams. During this time, he cultivated a deep understanding of network security and the importance of robust, proactive measures to safeguard sensitive data, working with products from Cisco, Duo Security (now part of Cisco), RSA, Alert Logic, and Imperva.

Amazon Web Services: Addressing Account Takeover Challenges

After Rackspace, Andre joined Amazon Web Services (AWS) and dedicated the majority of his time there to the Fraud Prevention organization. He was responsible for overseeing the account takeover division, focusing on detecting and mitigating threat actors aiming to compromise legitimate AWS accounts. His steadfast commitment to protecting AWS customers' data and resources contributed to the company's success in this area.

Uptycs: Advancing Cloud Security Solutions

After five-plus years at AWS, Andre joined Uptycs, a leading cloud-native security analytics platform. He now serves as the Director of Cloud Security. In this role, his team identifies cloud security TTPs and researches new cloud security threats, helping customers with their cloud security posture.

Certifications and Commitment to Growth

Holding the AWS Specialty - Security certification, combined with hands-on experience, Andre demonstrates his expertise in the field. He continually strives to learn and adapt, experimenting with different environments to uncover vulnerabilities and strengthen security measures. This dedication to growth helps him stay ahead in the ever-evolving landscape of cloud security.


Session

06-12
10:40
20min
The Unholy Marriage of AWS IAM Roles and Instance Profiles
Andre Rall

Cloud infrastructure teams often focus on traditional security measures like CSPM, DLP, and network protection. However, there are hidden aspects of cloud infrastructure that warrant attention to ensure a robust and secure environment. In this article, we take a deep dive into the lesser-known quirks of AWS Identity and Access Management (IAM) roles and instance profiles, revealing unexpected behaviors that could impact security and resource management.

Our exploration uncovers surprising findings when modifying IAM roles and instance profiles, such as the persistence of role credentials even after removing a role from an instance profile, the discrepancies in credential refresh timings, and the survival of instance profiles after role deletion. We also discuss the implications of these behaviors on security and resource management in AWS ecosystems, highlighting the importance of understanding and managing IAM roles and instance profiles correctly.

Join us as we unravel the mysteries of AWS IAM roles and instance profiles, equipping you with the knowledge to guard your cloud environment against hidden threats and ensure a secure, efficient infrastructure.

Control & data
Salon B