Session
The Log Rings Don’t Lie: Historical Enumeration in Plain Sight
Logs keep a lot of data. Most of them are events, but events have other data in them. Source IP, Source Identity, Target Resource, User Agent, Request and Response Parameters, etc. Which one of them are important? All of them of course. Logs are important to a defender. And they are a needle in the foot of the attacker. But why do they have to be? Why can't the attacker actually profit from logs? What if the attacker can achieve enumeration, C2 capabilities, exfiltration, download through logs?
This presentation will go through actually that. How can an attacker utilize Logs to attack a Cloud Infrastructure.
Bleon Proko
Cloud Security Researcher
Boston, Massachusetts, United States
Links
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top