Rhino Security Labs

Strategic Blog

Technical Strategic Technical & Strategic Both
AWS

AWS Privilege Escalation – Methods and Mitigation

Spencer Gietzen

At Rhino Security Labs, we do a lot of penetration testing for AWS architecture, and invest heavily in related AWS security research.  This post will cover our recent findings in new IAM Privilege Escalation methods – 17 in total –…

Read more
Compliance

GDRP and Penetration Testing: What You Need to Know

Cloud Security

Security for SaaS Companies:
Leveraging Infosec for Business Value

Technical Strategic Technical & Strategic Both
Categories
Clear Selection
Application Security
AWS
Azure
Buyers Guide
Cloud Security
Compliance
Enterprise Security
Mobile Security
Network Security
News
Penetration Testing
Research
Social Engineering
Tool Development
AWS

Amazon’s AWS Misconfiguration:
Arbitrary Files Upload in Amazon Go

Spencer Gietzen

Earlier this year, Amazon introduced Amazon Go, a brand-new kind of grocery store featuring automated check-out lines and no cashiers! These stores are poised to revolutionize the way that people shop for groceries.
On a very high level,…

Read more