How to Kill an AWS Access Key

Presented at BSidesSF 2021 Virtual, March 8, 2021, 1:30 p.m. (30 minutes).

Streaming at <https://youtu.be/Lhd5ldoCuG8> Join us at [r/BSidesSF](https://reddit.com/r/BSidesSF) on Reddit for live AMA style Q&A (2020) AWS Access Keys are great for attackers; powerful and sitting in plaintext. The Security Token Service enables short-lived credentials, but the path to getting that to work for humans isn't simple. Assuming zero level of expertise, we'll cover how our company killed off our static access keys.

Presenters:

  • Benjamin Hering
    Benjamin Hering is a Security Architect at ASAPP. His career focuses on leveraging technology to improve organizations and people in both the for-profit and non-profit spheres; making technology meet people where they are rather than the other way around.

Links:

Similar Presentations: