Rhino Security Labs

Strategic Blog

AWS Privilege Escalation – Methods and Mitigation

Spencer Gietzen

At Rhino Security Labs, we do a lot of penetration testing for AWS architecture, and invest heavily in related AWS security research.  This post will cover our recent findings in new IAM Privilege Escalation methods – 17 in total –…

GDRP and Penetration Testing: What You Need to Know

Security for SaaS Companies:
Leveraging Infosec for Business Value

Amazon’s AWS Misconfiguration:
Arbitrary Files Upload in Amazon Go

Spencer Gietzen

Earlier this year, Amazon introduced Amazon Go, a brand-new kind of grocery store featuring automated check-out lines and no cashiers! These stores are poised to revolutionize the way that people shop for groceries.
On a very high level,…