It appears that every few months, there's news of yet another cloud breach stemming from a carelessly configured cloud storage solution. While this isn't the default for most cloud vendors, some users still manage to make their cloud data publicly accessible by going out of their way - sometimes to a significant extent. Whether it's out of ignorance or convenience, it doesn't matter - this practice must come to an end.
To address this issue, we've developed a workshop that equips attendees with various techniques and methods to identify and rectify cloud storage misconfigurations in their own cloud accounts. We'll even demonstrate some ways to prevent these misconfigurations from happening in the first place. Although the chosen vendor for this workshop is AWS, due to its Simple Storage Service (S3) being the one making headlines, misconfigurations could occur in any cloud environment. Hence, the techniques discussed in this workshop will be applicable to all cloud vendor environments, including Azure, Google Cloud Platform, and Oracle.
LEARNING OBJECTIVES:
PREREQUISITE KNOWLEDGE:
None.
SYSTEM REQUIREMENTS:
This workshop supports concepts from SEC488: Cloud Security Essentials.