How to Kill an AWS Access Key

Presented at BSidesSF 2021 Virtual, March 8, 2021, 1:30 p.m. (30 minutes)

Streaming at <https://youtu.be/Lhd5ldoCuG8> Join us at [r/BSidesSF](https://reddit.com/r/BSidesSF) on Reddit for live AMA style Q&A (2020) AWS Access Keys are great for attackers; powerful and sitting in plaintext. The Security Token Service enables short-lived credentials, but the path to getting that to work for humans isn't simple. Assuming zero level of expertise, we'll cover how our company killed off our static access keys.

Presenters:

• Benjamin Hering
  Benjamin Hering is a Security Architect at ASAPP. His career focuses on leveraging technology to improve organizations and people in both the for-profit and non-profit spheres; making technology meet people where they are rather than the other way around.

Links:

• https://bsidessf2021.sched.com/event/iD61/how-to-kill-an-aws-access-key

Similar Presentations:

• BSidesSF 2021 Virtual / Switched On: Behavioral Science, hypervigilance, and the human impact of cyber-defense and crisis management
• BSidesSF 2021 Virtual / So you're the first security hire
• BSidesSF 2021 Virtual / Closing Remarks