AWS VMS

About Me Gabi StarCraft 2 Diamond Company Logo

AWS Taxonomy VMS Taxonomy Common issues Some tools Policies Suggestions

S3 Buckets

EC2 Virtual machine EBS Storage devices

NIST Technology MITRE Research CVE Vulnerabilities

CVE-2018-1169

Why do we need VMS especially on AWS?

How scanners work

How scanners work internally

How scanners work on AWS

So how do I automate it?

Most common security issues

Some AWS tools: GitGuardian https://www.gitguardian.com Security Monkey https://github.com/Netflix/security_monkey Cloud Inquisitor https://github.com/RiotGames/cloud-inquisitor

TLDR: Undeniably allowed

Encryption Key Policy IAM Policy

QA?