Hosted By
Guest: Vladi Sandler, Co-Founder & CEO, Gafnit Amiga, VP of Research, Lightspin
Topic: Researching Cloud giants security mechanisms
Language: English
Abstract
The leading cloud providers these days are storing growing parts of human knowledge and businesses , and therefore their services require to be top notch in security and most of the time, they actually provide very resilient security services. But every now and then, a talented security researcher finds vulnerabilities even on the most mature services - In this episode we spoke with Vladi Sandler & Gafnit Amiga from Lightspin regarding the AWS RDS vulnerability they recently discovered and what is the process of researching cloud provider vulnerabilities and how to do responsible disclosure. As a bonus, we also discussed the open-source tools released by Lightspin and the way they can help organizations protect their cloud resources.
https://blog.lightspin.io/aws-rds-critical-security-vulnerability
https://recon.cloud - Free CNAPP tool
https://github.com/lightspin-tech/red-detector - EC2 vulnerability scanner
https://github.com/lightspin-tech/red-kube - K8S Adversary Emulation
Attendees Guest: Ory Segal, Puresec Guest title: CTO & Co-Founder at PureSec Company: Puresec is the global leader in serverless architectures security. Serverless functions...
Attendees Guest: Yuval Reut, Guest title: CIO & CISO Company: Riskified Micro-services can bring enormous benefits into the organizations – giving flexibility and driving...
Attendees Guest: Evgeny Zislis Guest title: CTO Company: ProdOPS Abstract Over 90% of IaaS/PaaS security incidents happens on consumer fault. Cloud platforms are complicated,...
