(Prevent) Hacking into a CloudService - About security, ECS and terraform AWS UserGroup Hannover Online Meetup Feb, 4th 2021



Yoni: Oftentimes, when we think about protecting resources in the cloud, we immediately think about the typical ways in - via public-facing applications or abuse of credentials. In this talk, we will look at one additional way: through the work unit parameters of a service. During the development of Indeni’s Cloudrail SaaS product, Yoni was responsible for trying to find ways to hack into the service. One of the ways he found, raises questions about how secure ECS workloads really are."

AWS Usergroup Hannover is happy to host this meeting and we are happy that we have Yoni Leitersdorf with us. Why you should also be happy: Se below!

This meetup has two parts:

Part one - short introduction into terraform 20 mins (Gernot)

Main Talk: (Prevent) Hacking into a CloudService - About security, ECS and terraform (Yoni)

By: - Yoni Leitersdorf Oftentimes, when we think about protecting resources in the cloud, we immediately think about the typical ways in - via public-facing applications or abuse of credentials. In this talk, we will look at one additional way: through the work unit parameters of a service. During the development of Indeni’s Cloudrail SaaS product, Yoni was responsible for trying to find ways to hack into the service. One of the ways he found, raises questions about how secure ECS workloads really are."

Bio Yoni Leitersdorf Yoni is the CEO and Founder of Indeni, a provider of security automation tools. Recently, Indeni launched Cloudrail, its tool for doing security validation of Terraform code. Prior to Indeni, Yoni had a mix of software and cybersecurity roles. He’s been in software since the age of 6, when he first started coding, and got his cybersecurity stripes at the Israel Defense Forces and Check Point Software. One of Yoni’s projects in the military earned him the esteemed Israeli Security Prize. When he’s not coding or running a business, Yoni tries to stay married and raise three young kids.

Malte and Gernot are the organizers.

Our main speaker is Yoni! Die Please join us at meetup.com The button for participating is at the bottom of the meetup page. Teilnahme

Malte&Gernot

(Diese Meetup ist auf Englisch.)

Appendix

Want to know more about Cloudrail and indeni? Try it: github

Similar Posts You Might Enjoy

Containers! Containers everywhere!

The newly introduced ECS Anywhere feature lets us use our existing resources as Compute Power in Amazon ECS. Let’s talk about some basics and see how ECS Anywhere can be set up in Terraform! - by Antonia Berg

Find all Lambda-Runtimes in all Accounts: Multi Account Query with steampipe and TASFKAS (the AWS service formerly known as SSO *)

You have got some mails from AWS: [Action Required] AWS Lambda end of support for Node.js 12 [Action Required] AWS Lambda end of support for Python 3.6 [Solution Required] Search all Lambdas in multiple accounts. [Solution Found] Steampipe with AWS multi-account support. Multi-account management is like managing all the arms of a Kraken. I will show you a fast and straightforward solution for this. (* the new offical name is IAM Identity Center, but I think TASFKAS would also fit 😉) - by Gernot Glawe

Prepopulate Lambda Console Testevents without dirty manual work using Terraform

You like Lambda testevents? Great! But with “automate everything”, manual console clicks are considered dirty! Keep your hand clean by automating the creation of Lambda test events. So you can give your team, and yourself prepopulated test events. This example shows you the terraform code - because this is the fastest way. With a little effort, you can translate it to CloudFormation or AWS-CDK! - by Gernot Glawe