Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Watch a comprehensive security conference talk exploring how attackers can exploit trust relationships in AWS services for initial access. Learn from Staff Security Researcher Nick Frichette as he delves into the evolving landscape of AWS security, focusing on vulnerabilities in IAM roles and trust configurations. Discover how misconfigured trust relationships with AWS services can be exploited, with specific examples involving Amazon Cognito and GitHub Actions OIDC identities. Examine real-world cases, including a vulnerability found in AWS AppSync that enables cross-account role assumption through PassRole exploitation. Gain valuable insights into securing AWS environments against these attack vectors, including protection strategies for zero-day vulnerabilities. Perfect for cloud security professionals, penetration testers, and AWS administrators looking to strengthen their cloud security posture.
