AWS Privilege Escalation and Lateral Movements in Cloud Security

Explore advanced AWS cloud security techniques in this comprehensive DevSecCon conference talk. Delve into the intricacies of privilege escalation and lateral movement attacks within AWS environments, starting from initial access points. Learn how to exploit vulnerabilities like SQLi, RFI, Command Injection, and SSRF to gain entry, then leverage these footholds to escalate privileges and navigate complex cloud infrastructures. Discover the power of "nuvola," an open-source tool developed by Prima Assicurazioni, which creates a digital twin of AWS environments for enhanced threat detection. Gain valuable insights into effective initial access techniques, strategies for identifying and exploiting privilege escalation paths, and practical applications of "nuvola" for securing AWS accounts. Elevate your cloud security expertise and develop a proactive approach to safeguarding AWS ecosystems against sophisticated attacks.

AWS Privilege Escalation and Lateral Movements