Rhino Security Labs

Strategic & Technical Blog

AWS Privilege Escalation – Methods and Mitigation

Spencer Gietzen
June 19, 2018

At Rhino Security Labs, we do a lot of penetration testing for AWS architecture, and invest heavily in related AWS security research.  This post will cover our recent findings in new IAM Privilege Escalation methods – 17 in total –…

Security for SaaS Companies:
Leveraging Infosec for Business Value

Amazon’s AWS Misconfiguration:
Arbitrary Files Upload in Amazon Go

AWS Essentials: Top 5 Tests for Penetration Testing AWS

Benjamin Caudill

In recent weeks, there have been a number of AWS (Amazon Web Services) breaches revealing several different types of vulnerabilities including leaky S3 buckets, misconfigurations and compromised AWS environments. Techniques for assessing…