Catching Secrets in the Cloud with Pawel Rzepa

OWASP DevSlop Project
OWASP DevSlop Project
Öffentliche Gruppe

Benötigt einen Veranstaltungsort

Details

Have you ever wonder if the access to your cloud kingdom is secure? Have you ever thought how cyber criminals are hunting for your secrets? How can you be sure that your secret is not "mistakenly" available to the public?

On the DelSlop show this week Pawel will show us different methods used by cyber criminals to find access keys, credentials and other secrets in the public Internet.

How can Shannon Entropy help you to do that? Pawel will show how he uses scanners to search an AWS space and will demonstrate his own tool to analyse big amounts of data in search for sensitive data.

Join us live on
Mixer: https://aka.ms/DevSlop-Mixer
or
Twitch: https://aka.ms/DevSlopTwitch

Videos can be found afterwards at https://aka.ms/DevSlopShow

PAWEL RZEPA
Pawel is a senior security consultant in SecuRing. He has a wide experience in security field gained inter alia, as a fuzzer developer at Spirent, pentester at EY GSS, security auditor at Credit Agricole or threat analyst at IBM SOC.

His skills are proven by gaining both the OSCP and eMAPT certificates. Pawel actively supports the OWASP community as a one of the top contributors in the OWASP MSTG project and by organizing local OWASP chapter meetings in Wroclaw.