28 Jan '21

(Prevent) Hacking into a CloudService - About security, ECS and terraform AWS UserGroup Hannover Online Meetup Feb, 4th 2021

Written by Yoni Leitersdorf , Gernot Glawe , Malte Walkowiak

Yoni: Oftentimes, when we think about protecting resources in the cloud, we immediately think about the typical ways in - via public-facing applications or abuse of credentials. In this talk, we will look at one additional way: through the work unit parameters of a service. During the development of Indeni’s Cloudrail SaaS product, Yoni was responsible for trying to find ways to hack into the service. One of the ways he found, raises questions about how secure ECS workloads really are."

AWS Usergroup Hannover is happy to host this meeting and we are happy that we have Yoni Leitersdorf with us. Why you should also be happy: Se below!

This meetup has two parts:

Part one - short introduction into terraform 20 mins (Gernot)

Main Talk: (Prevent) Hacking into a CloudService - About security, ECS and terraform (Yoni)

By: - Yoni Leitersdorf Oftentimes, when we think about protecting resources in the cloud, we immediately think about the typical ways in - via public-facing applications or abuse of credentials. In this talk, we will look at one additional way: through the work unit parameters of a service. During the development of Indeni’s Cloudrail SaaS product, Yoni was responsible for trying to find ways to hack into the service. One of the ways he found, raises questions about how secure ECS workloads really are."

Bio Yoni Leitersdorf Yoni is the CEO and Founder of Indeni, a provider of security automation tools. Recently, Indeni launched Cloudrail, its tool for doing security validation of Terraform code. Prior to Indeni, Yoni had a mix of software and cybersecurity roles. He’s been in software since the age of 6, when he first started coding, and got his cybersecurity stripes at the Israel Defense Forces and Check Point Software. One of Yoni’s projects in the military earned him the esteemed Israeli Security Prize. When he’s not coding or running a business, Yoni tries to stay married and raise three young kids.

Malte and Gernot are the organizers.

Our main speaker is Yoni! Die Please join us at meetup.com The button for participating is at the bottom of the meetup page. Teilnahme

Malte&Gernot

(Diese Meetup ist auf Englisch.)

Appendix

Want to know more about Cloudrail and indeni? Try it: github

Similar Posts You Might Enjoy

29 Jun '21

Containers! Containers everywhere!

The newly introduced ECS Anywhere feature lets us use our existing resources as Compute Power in Amazon ECS. Let’s talk about some basics and see how ECS Anywhere can be set up in Terraform! - by Antonia Berg

27 Mar '24

Automated ECS deployments using AWS CodePipeline

When developing applications, particularly in the realm of containerization, CI/CD workflows and pipelines play an important role in ensuring automated testing, security scanning, and seamless deployment. Leveraging a pipeline-based approach enables fast and secure shipping of new features by adhering to a standardized set of procedures and principles. Using the AWS cloud’s flexibility amplifies this process, facilitating even faster development cycles and dependable software delivery. In this blog post, I aim to demonstrate how you can leverage AWS CodePipeline and Amazon ECS alongside Terraform to implement an automated CI/CD pipeline. This pipeline efficiently handles the building, testing, and deployment of containerized applications, streamlining your development and delivery processes. - by Hendrik Hagen

22 Feb '24

From fragile to formidable: How to detect, fix and prevent container vulnerabilities with Inspector and Docker Scout

A webserver running on a container. Sound simple. Let`s dive deeper into how your architecture choices affect application security. I use docker scout for the container and show how Amazon Inspector can serve as a general-purpose security tool. - by Gernot Glawe