A Live Demonstration of Cloud IAM Misconfiguration Attacks

The cloud has changed the way hackers operate: Rather than targeting an organization and then searching for vulnerabilities to exploit, they now use automation to scan the internet looking for cloud misconfigurations to exploit, and then use IAM like a network to move laterally, find data, and extract it. We’ve graduated from simple misconfiguration mistakes to techniques bad actors are using today to breach data out from under the most advanced cloud security teams⁠—often without detection.

Josh Stella, CTO of Fugue, will walk through a live demonstration of how hackers take advantage of common⁠ but overlooked AWS IAM misconfigurations to gain access to environments, jump from account to account, discover resources to target, and exfiltrate sensitive data.

This session will be performed live in the terminal and the AWS console, and will cover advanced topics that primarily focus on AWS IAM (Identity and Access Management) service misconfigurations. While focused on AWS, the concepts are readily applicable to other cloud platforms such as Microsoft Azure and Google Cloud Platform.

At each step of the way, Josh will talk in detail about why these misconfigurations happen in every day cloud operations, how hackers are taking advantage of them, and how these attacks can be prevented. Specifically, attendees will learn:

Common, and dangerous, IAM misconfigurations and how hackers exploit them, how to evaluate your AWS environment to identify IAM misconfiguration vulnerabilities, and strategies for correcting IAM misconfigurations without disrupting application functionality.


Josh Stella

Josh Stella is Co-founder and CTO of Fugue, which provides autonomous cloud infrastructure security and compliance. Previously, Josh was a Principal Solutions Architect at Amazon Web Services, where ...