Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

The Bucket List - Experiences Operating S3 Honeypots

Security BSides San Francisco via YouTube

Start learning Write review
Coursera Ad

Launch a New Career with Certificates from Google, IBM & Microsoft

Learn More → TrainSec Ad

Learn EDR Internals: Research & Development From The Masters

Learn More →

Overview

Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off
One annual plan covers every course and certificate on Coursera. 40% off for a limited time.
Get Full Access
Explore the world of S3 bucket security in this 30-minute conference talk from BSidesSF 2018. Dive into Cameron Ero's experiences operating S3 honeypots and gain insights into the concerning trend of S3 bucket incidents. Learn about the techniques used by researchers to find public buckets, the tools they employ, and their actions upon discovery. Discover how to monitor access to your S3 assets and implement S3 honeypots within your organization. Gain valuable knowledge on AWS security, bucket enumeration methods, and the severity of potential threats. Understand the effectiveness of honeypot deployment and its value in enhancing your organization's security posture.

Syllabus

Introduction
The problem
AWS
Enumerating Buckets
Word Lists
Microsoft
AWS S3
Bucket List
Who was doing this
Bucket scripting
Bucket targeting
Custom tools
Severity
Sophisticated
Key takeaways
Is this something that was valuable
How easy was it to deploy
What is the value

Taught by

Security BSides San Francisco

Reviews

Start your review of The Bucket List - Experiences Operating S3 Honeypots

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.