Metabadger: Automating IMDS Protection at Scale in AWS

Presented at BSidesSF 2022 Rescheduled, June 5, 2022, 1:30 p.m. (25 minutes)

Metabadger is an open source tool that we built at Salesforce that can help you rapidly and safely upgrade your EC2 instances to use IMDSv2 and prevent SSRF-based theft of EC2 Metadata Credentials. In this talk, we'll walk through how we approached and automated this problem to prevent IMDS abuse.

Presenters:

• Ashish Patel
  Ashish enjoys automating manual security hardening and letting the robots do the work for you. You'll often find him working on the challenges we come across in the cloud, application, and infrastructure security space. In his free time, he likes to blog about solving large scale security problems and also contribute to open source tooling.

Links:

• https://bsidessf2022.sched.com/event/rjrI/metabadger-automating-imds-protection-at-scale-in-aws

Similar Presentations:

• Global AppSec - DC 2019 / Salesforce Data Governance: What dark secrets lurk in your instance?
• THOTCON 0x8 (2017) / Transitioning to AWS in a Hurry Without Getting Owned