and other digital technologies to delight your customers and transform your businesses.
This is part 4 of the series on AWS Cloudgoat Scenarios and the mitigation strategies series where we explore and see how remote command injection on a web application can be used to compromise the AWS environment.
In this third part, we will explore privilege escalation using EC2 instance profile attachment to obtain full admin privileges on the AWS account and also exploiting SSRF on EC2’s metadata service to get credentials.
Part 2 of our own series of articles on CloudGoat and mitigation strategies. This is a step by step breakdown on how to interpret and think like an attacker and also how to go about mitigating the attacks.
Keep abreast of the latest cloud news and receive our service offerings
Cloud, security and innovation have been the DNA of our team since 2012. We have used cloud computing to build and run many secure applications to support enterprise and government customers across Asia Pacific countries including Singapore, Australia, Philippines, Hong Kong, etc. Our cloud experience includes web applications, analytics, serverless architecture, content delivery, deep learning, storage and backup, etc. Our Cloud team is backed up by highly recognized credentials as Cloud Solution Architects, Internet Experts, Security Professionals and Blockchain Developers.
