Demystifying Security in the Cloud: AWS Scout

Presented at AppSec USA 2012, Oct. 25, 2012, 3 p.m. (45 minutes)

The scale and variety of Amazon Web Services (AWS) have created a constantly changing landscape. What was previously managed by enterprise IT groups is now done through a variety of Amazon-based services, leaving many questions concerning the risk and security of these environments unanswered. This presentation will discuss the most common mistakes that we have seen in the field and show you how to audit them using AWS Scout. Scout is a security tool that lets AWS administrators assess their environment's security posture. Using the AWS API, we can gather configuration data for manual inspection or highlight high-risk areas automatically. Rather than poring over dozens of pages on the web, we can get a clear view of the attack surface.

Presenters:

  • Jonathan Chittenden - iSEC Partners
    Prior to his employment with iSEC, Jonathan worked for the Air Force as a civilian. His roles consisted of reverse engineering malware for both signature and exploitation development. This experience enabled Jonathan to be comfortable working at a low level with unknown protocols and binaries. During this time, he also assisted in the development of an open-source intelligence application used to identify indicators of compromise. During his employment with iSEC Partners, Jonathan has been tasked with a variety of engagements. His memorable projects include performing assessments of a novel application container and custom kernel modules to be used for virtualization. Jonathan has also collaborated and presented on a tool called AWS Scout. Scout helps automate security assessments of several Amazon Web Services. The tool was showcased at Black Hat USA 2012 Arsenal and the OWASP AppSec 2012 conference. Recently Jonathan gave a turbo talk at Black Hat USA 2013 on an embedded system called Twine, which covered analysis and findings of the research project. Jonathan graduated with an M.S. in Cyber Security from NYU: Polytechnic and a BBA in Infrastructure Assurance and Information Security from UTSA.

  • Anson Gomes - iSEC Partners
    Anson Gomes is a security consultant/researcher at iSEC Partners, an information security firm specializing in application, network, and mobile security. Prior to working at iSEC, Anson worked as a software developer and graduated with an M.S. in Computer Science from NYU: Polytechnic.
