The presentation discusses the challenges of securing cloud infrastructure, particularly in relation to public APIs and credential theft. The presenters propose an alternative approach using graphs to identify and fix dangerous misconfigurations.
- Cloud infrastructure adds new management layer and security challenges that need to be well understood and secured
- Credential theft is a well-known attack vector used by many adversaries
- The use of public APIs introduces a new attack surface that traditional defenses cannot protect
- The presenters propose an alternative approach using graphs to identify and fix dangerous misconfigurations
- The tool should contain a large number of attack techniques, be recursive, and sort results by risk
The presenters provide an example of how an attacker can gain access to high-value resources by stealing user secrets stored on a workstation. Once the secrets are obtained, the attacker can modify code on a lambda, access instance metadata, and eventually gain enough permission to access user data stored on an AWS bucket.