Honey Dripping from the Cloud


Date
Oct 15, 2021 11:00 AM — 11:50 AM
Event
Bsides BHAM
Location
Remote

Migrating to the cloud opens up new possibilities for an organization, but at the same time, it also increases the attack vectors for an adversary. In the cloud, the perimeter security alone won’t help in keeping the bad actors away. Organisations too need to think out of the box.

Cloud is mostly secure by default, so if we see the responsibility matrix, most of the activities are being handled by the cloud provider but there are certain things that fall on the tenant. The majority of the vulnerabilities are found because of the misconfiguration issues in these three sections.

  • Everything Client Side
  • Data in Transit and Rest
  • Identity and Access Management

This talk will be about looking at a cloud infrastructure from an attacker’s point of view and discovering how honeypots can help the defenders, keeping the bad actors away from the cloud infrastructure of your organisation.

We will be covering:

  • Attacker’s point of view on attacking AWS infrastructure.
  • Deployment of some luring components (like Honeypots and Honey Tokens)
  • Benefits of this deployment from a defender’s perspective.