November meetup AWS UG FRA: Agents with Bedrock AgentCore π€ & Abusing IMDS π
Details
Hello AWS UG Frankfurt fellows!
π Let's keep the pace, this time we are back to 2 talks πβ¨
βΌοΈ NOTE: you have to register with your real name and bring an official government ID. This is necessary for security reasons within the location. Thank you for your understanding ππ½
Agenda π
- Doors open: 18:30
- Pizza, drinks & networking: 18:30-19:00
- Talks: 19:00-20:45
- Networking & discussions: 20:45-22:00
Welcome and Networking π€
- Join us for some pre-event networking.
- Enjoy pizza π and refreshments while get-to-know fellow AWS enthusiasts.
- Kick off the meetup with a warm welcome and a brief introduction to the evening's exciting agenda.
Talk 1 - AI Agents with Bedrock AgentCore - Level 300 (30min)
- Description: Do you want to go to production with your AI Agents, but are unsure how that will work? Say no more, Bedrock AgentCore is here for the rescue. Join this session to learn what Bedrock AgentCore is, how it works and how it can help you to go from "it works on my computer" to AI Agents in production, without breaking a sweat.
- Speakers: Alex KΓΆnig - Alex is a Senior Solutions Architect at AWS. He is experienced in large scale and distributed architectures, Kubernetes, DevOps, and AI. He has given talks and written blogs about Software Architecture, Kubernetes and Tech Leadership. With a background as a systems engineer he still likes to write shell scripts.
Talk 2 - Inside the Mind of an Attacker: Abusing the Instance Metadata Service (IMDS) - Level 200 (30min)
- Description: The AWS Instance Metadata Service (IMDS) is a powerful tool, but its v1 endpoint has been a primary target for attackers for years. A single Server-Side Request Forgery (SSRF) vulnerability can be all an attacker needs to pivot from a compromised web application to stealing IAM credentials. This session provides a live, hands-on demonstration of this classic attack chain and a deep dive into IMDS. You will see exactly how an attacker abuses IMDSv1 to steal credentials and move laterally within an AWS account. More importantly, you will learn the defense: how to enforce the use of the more secure IMDSv2.
- Speakers: Alexander Hose - He s a cloud security strategist, 2x author, and AWS Community Builder. As a Senior Manager at Deloitte, he specializes in helping organizations build mature, automated security programs on AWS and GCP. With deep, hands-on expertise in modern cloud security, Alex is passionate about bridging the gap between development and security and shares his practical insights on his blog, alexanderhose.com.
Closing Remarks π
- As we conclude our meetup, we'll have some closing remarks and invite attendees to continue networking and discussions.
Important Information:
- This event is open to all AWS enthusiasts, from beginners to experts.
- Pizza and drinks will be provided to keep you fueled throughout the evening. π»
- Please RSVP to secure your spot.
- Don't forget to bring your questions, enthusiasm, and willingness to learn and connect with the AWS + DevOps community.
RSVP now, and we look forward to seeing you there! π
