Ben Caudill @rhinosecurity
Spencer Gietzen @spengietz
Rhino Security - https://rhinosecuritylabs.com/blog/
AWS escalation and mitigation blog - https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation/
What is the difference between this and something like Scout or Lynis?
Is it a forensic or IR tool?
How might offensive people use this tool? What is possible when you’re using this as a ‘redteam’ or ‘pentesting’ tool?
S3 bucket perms?
Security Group policy fails
Some of the hardening policies for Security groups?
Where are you speaking… BSLV? DefCon?
Join our #Slack Channel! Email us at firstname.lastname@example.org
or DM us on Twitter @brakesec
#Youtube Channel: http://www.youtube.com/c/BDSPodcast
#iTunes Store Link: https://brakesec.com/BDSiTunes
#Google Play Store: https://brakesec.com/BDS-GooglePlay
Our main site: https://brakesec.com/bdswebsite
#iHeartRadio App: https://brakesec.com/iHeartBrakesec
Comments, Questions, Feedback: email@example.com
Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon
#Player.FM : https://brakesec.com/BDS-PlayerFM
#Stitcher Network: https://brakesec.com/BrakeSecStitcher
#TuneIn Radio App: https://brakesec.com/TuneInBrakesec