DEF CON 29 Cloud Village - Mazin Ahmed - Attack Vectors on Terraform Environments
About this talk
Ever come across an environment in an engagement that uses Terraform for IAC (infrastructure-as-code) management? Almost every modern company does now. In this talk, I will be sharing techniques and attack vectors to exploit and compromise Terraform environments in engagements, as well as patterns that I have seen that achieve successful infrastructure takeover against companies. I will be also covering prevention methods for the discussed attack vectors in my talk. This is part of my work-in-progress research in cloud security and attacking modern environments.
Stay Updated
Get notified about new features and conference additions.
