What We Discuss with Gafnit Amiga:
- 00:00 Introduction
- 02:28 snyk.io/csp
- 02:57 A bit about Gafnit
- 05:15 What is AWS ECS and ECR?
- 08:18 Why do people use ECS and ECR?
- 09:58 The ECR vulnerability Gafnit discovered
- 15:16 Vulnerability scanning for containers in AWS ECR
- 16:42 How do you find undocumented APIs in AWS?
- 17:58 Attack techniques in AWS
- 22:43 How to protect your AWS accounts?
- 25:14 Focus areas for Cloud Security Research in 2023
- 25:48 Finding vulnerability through research
- 29:00 Resources for Cloud Security Research
THANKS, Gafnit Amiga!
If you enjoyed this session with Gafnit Amiga, let him know by clicking on the link below and sending him a quick shout out at his website:
Click here to thank Gafnit Amiga!
Click here to let Ashish know about your number one takeaway from this episode!
And if you want us to answer your questions on one of our upcoming weekly Feedback Friday episodes, drop us a line at firstname.lastname@example.org.
Resources from This Episode
- AWS ECR Vulnerability – https://blog.lightspin.io/aws-ecr-public-vulnerability
- AWS ECR Public Gallery – https://gallery.ecr.aws/