Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore critical security vulnerabilities in AWS S3 bucket detection systems through this 16-minute conference talk that reveals how established security tools can fail to identify publicly exposed data. Discover original research demonstrating multiple undocumented techniques that bypass AWS security tooling, including Trusted Advisor's S3 security checks, Block Public Access settings, and Resource Control Policies. Learn about specific methods using bucket policies and ACLs that create public and anonymous access permissions while evading detection systems entirely. Examine real-world implications through case studies of recent S3 security breaches, including ransomware attacks via SSE-C encryption and supply chain compromises. Understand why S3 buckets continue to pose security risks despite 19 years of evolution in AWS security tooling and "secure by default" configurations. Gain insights into the technical details of how these detection evasion techniques work and their potential for enabling data exfiltration without triggering security alerts.
