This is the fourth post in a series highlighting bits from our recent BlackHat USA 2017 talk. An index of all the posts in the series is here. Introduction In this blog post, we will introduce you to the newest member of our Canarytoken’s family, the Amazon Web Services API key token. This new Canarytoken allows you to sprinkle AWS API keys around and then notifies you when they are used. (If you stick around to the end, we will also …
Month: September 2017
This is the third post in a series highlighting bits from our recent BlackHat USA 2017 talk. An index of all the posts in the series is here. Introduction In our BlackHat talk, “Fighting the Previous War“, we showed how attacks against cloud services and cloud-native companies are still in their nascent stages of evolution. The number of known attacks against AWS is small, which is at odds with the huge number (and complexity) of services available. It’s not a …