OWASP DevSlop: AWS (Customer) Security Incidents [2022]

May 15, 22

On May 15th, 2022 I spoke on the OWASP DevSlop livestream, discussing the public catalog of AWS Customer Security Incidents I maintain, covering over twenty different public breaches. We’ll walk through the technical details of these attacks, establish the common root causes, look at lessons learned, and establish how you can proactively secure your environment against these real-world risks.

For posterity and discoverability, I’m syndicating all of my public work to this personal blog.

The recording can be found over on OWASP DevSlop’s Youtube channel.

The slides are also available on speakerdeck.