Conference:  Defcon 31
Authors: Sam Quinn, Sr. Security Researcher, Trellix Advanced Research Center; Jesse Chick, Security Researcher, Trellix Advanced Research Center
2023-08-01

Our current administration lists "Defend Critical Infrastructure" as the #1 item in the 2023 National Cybersecurity Strategy. At the intersection of governmental and corporate concerns is data center security, a trend that is bound to continue as more and more operations move to the cloud. This talk details our findings in the domain of power management, the first category in a broader effort to investigate the security of critical data center components. We will reveal nine vulnerabilities in two integral data center appliances: a Power Distribution Unit (PDU) and a Data Center Infrastructure Management (DCIM) system. Continuing, we will delve into the technical details of the most impactful vulnerabilities and highlight the potential impact on their respective operations. The talk will challenge the misconception that data centers are inherently more secure than on-prem by exposing how attackers could leverage these vulnerabilities. This presentation will be valuable to data center professionals, security researchers, and anyone interested in understanding the characteristic vulnerabilities associated with modern data centers.
Conference:  Black Hat Asia 2023
Authors: Yoav Alon, Tzah Pahima, Yanir Tsarimi
2023-05-12

Cloud is the new operating system of the internet – almost all companies use the cloud to host workloads and data. While there are many talks about how to configure and maintain secure public cloud environments, there's little security research into the core cloud infrastructure, and vulnerabilities in core services could have a big impact on customers. This is the story of how our research led to two major discoveries, crossing tenant boundaries in two services in the biggest cloud vendors. We researched two data integration services, where our exploits allowed us to obtain credentials to other customer accounts and run code on remote machines. We're here to discuss new types of cloud provider service vulnerabilities, the anatomy, the implications - how simple vulnerabilities can lead to great impact, and yet how it still is beneficial to be a cloud customer.
Authors: Paul Schwarzenberger
2023-02-15

tldr - powered by Generative AI

The presentation discusses the implementation of a serverless architecture for continuous compliance in a large organization's AWS accounts using Lambda functions and other AWS services.
  • The organization has multiple AWS accounts for different purposes and teams
  • The Lambda function assumes a role into the organization management account and triggers a step function to orchestrate Lambda functions for each AWS account
  • Each Lambda function queries Route 53 records and writes to a DynamoDB database and SNS topic for notifications
  • The architecture is designed to be low cost, low operational overhead, and continuous
  • The use of serverless services allows for scalability and ease of maintenance
Authors: Jeremy Colvin
2022-10-24

tldr - powered by Generative AI

The talk covers the importance of securing developer laptops in the CI/CD pipeline to prevent security gaps and the value of correlating data across the pipeline.
  • Developer laptops are a high-value asset and a potential entry point for attackers to access cloud infrastructure and data.
  • Real-time device integrity checks are necessary for zero-trust access.
  • Auditing for vulnerable software packages and malicious Chrome extensions is crucial.
  • Tying together identity and GitHub activity on the laptop with CI/CD actions can help detect and protect against malicious behavior.
  • Correlating data across the CI/CD pipeline is essential to prevent security gaps and enable effective security measures.
Authors: Kavisha Sheth
2021-09-24

Kavisha is a Security Analyst by profession. She is a cloud security and machine learning enthusiast who dabbles in application and API security and is passionate about helping customers secure their IT assets. She spends time finding vulnerabilities and doing research on them. She has been recognized by the Government of India for helping them secure their websites. She has also been listed among the top security researchers of the nation in a recent newsletter of NCIIPC RVDP. She believes in giving back to the community and frequently finds audiences to talk to. She is also a cybersecurity speaker and loves to share her views on various infosec threads. She has spoken at various security events around the world, including Defcon Cloud Village, OWASP Bay Area, OWASP Sofia, Null Bangalore, BSides Noida, Infosec Girl, and so on.