Attacking Modern Environments Series: Attack Vectors on Terraform Environments
- 1 minI have given a talk about my latest research, “Attack Vectors on Terraform Environments”.
About the talk
Have you ever encountered an environment in an engagement that uses Terraform for IAAC (infrastructure-as-code) management? Almost every modern company does now.
In this talk, I will share techniques and attack vectors to exploit and compromise Terraform environments in engagements and patterns that I have seen that achieve successful infrastructure takeover against companies. I will also cover detection and prevention methods for each attack vector discussed in my talk.
This is part of my work-in-progress research in cloud security and attacking modern environments.
Recorded Talk
Watch on Youtube
Download: Slides (PDF)
Download: Slides (PPTX)
Related Posts
- Introducing LLMQuery Framework: Scaling GenAI Automation with Prompt Templates
- Engineering Learnings from the CrowdStrike Falcon Outage
- Secrets Patterns DB: Building Open-Source Regex Database for Secret Detection
- Speaking at BlakcHat MEA 2022
- DoS Attacks are Dead: Demystifying Practical DoS Attacks
