Marios Gyftos
Senior Penetration Tester
Chicago, Illinois, United States
Actions
Marios has been working on the Cyber Security field since 2017, started his career focusing on web application penetration testing but then continued on focusing more on cloud penetration testing including AWS, GCP and Azure. On his free times he enjoys playing basketball and chess.
Area of Expertise
Topics
Cloud Convergence: Exploring the Interconnected World of Cloud, DevOps and AD in Penetration Testing
In today's digital landscape, the convergence of cloud computing, DevOps practices, and internal Active Directory (AD) infrastructure has become increasingly prevalent, shaping the way organizations deploy, manage, and secure their IT environments. This presentation delves into the interconnected world of Cloud, DevOps tools and AD, exploring the security implications and challenges inherent in this complex ecosystem.
As organizations embrace cloud technologies and DevOps methodologies to drive agility and innovation, they are also confronted with new cybersecurity risks and increased attack surface. Cyber attackers are stirring their focus on currently easier exploitation of vulnerabilities in cloud environments, leveraging misconfigurations, weak authentication mechanisms, and insecure DevOps pipelines to gain unauthorized access, compromise sensitive data, and disrupt operations.
Through real-world examples and case studies, this presentation highlights the impact of cyber attacks on cloud, DevOps, and AD environments, illustrating the potential consequences of security breaches. Attendees will gain insights into common attack vectors, defensive strategies, and best practices for securing these interconnected environments. By understanding the interconnected nature of these technologies and the security implications therein, organizations can better protect their digital assets and mitigate the risk of cyber attacks in today's rapidly evolving threat landscape.
The Dark Side of DevOps
Cloud Security Landscape is rapidly changing. Cloud security platforms are being adopted by all industries at a rapid pace and are often being utilized in CI/CD development pipelines that store highly sensitive data. We will demonstrate how finding secrets stored in CI/CD pipelines can establish a foothold on cloud environments and can lead to a total compromise of an organizations overall security posture. The first part of our talk will discuss different ways to pivot to different cloud environments through CI/CD pipelines and the security misconfigurations that come with them. We will speak about GCP and AWS attack vectors and how those can allow attackers to pivot to additional cloud environments or even compromise an on-premise AD environment. The Google Cloud Platform has often been overlooked for attack and penetration assessments. In one of the sections , we will demonstrate how internal repositories like GitHub can lead to obtaining privileged access into GCP by exploiting IAM attack vectors. Additionally, we will discus how environments like GCP and G Suite are connected by domain wide delegation and how attackers are capable of laterally moving into G Suite and obtaining super admin access. Next we are going to talk about the interconnectivity between different environments. A lot of organizations believe that cloud environments are segregated from their internal networks and their Active Directory environment. We will demonstrate that the on-premise and cloud environments are all inter-connected and how attackers can pivot between environments to escalate privileged on Cloud and AD environments. Lastly, we are going to talk about what organizations should be aware when setting up hybrid environments with DevOps pipelines to protect from insider threat actors.
Security BSides Athens 2024 Sessionize Event
BSidesChicago 2023 Sessionize Event
Marios Gyftos
Senior Penetration Tester
Chicago, Illinois, United States
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top