The AWS API Key Canarytoken (paid and free) is a great way to detect attackers who have compromised your infrastructure. The full details are in a previous blogpost, but in short: You go to https://canarytokens.org and generate a set of valid AWS API credentials; Simply leave those in ~/.aws/config on a machine that’s important to you Done! If that machine is ever breached, the sort of attackers who keep you up at night will look for AWS API credentials, and …
Thinkst Thoughts