DiscoverResearch SaturdayEssential tools with critical security challenges.
Essential tools with critical security challenges.

Essential tools with critical security challenges.

Update: 2024-08-17
Share

Description

Snir Ben Shimol from ZEST Security on their work, "How we hacked a cloud production environment by exploiting Terraform providers." In this blog, ZEST discusses the security risks associated with Terraform providers, particularly those from community sources.

The research highlights the importance of carefully vetting providers, regular scanning, and following best practices like version pinning to mitigate potential vulnerabilities in cloud infrastructure management.

The research can be found here:

Learn more about your ad choices. Visit megaphone.fm/adchoices

Comments 
Top Podcasts
The Best New Comedy Podcast Right Now – June 2024The Best News Podcast Right Now – June 2024The Best New Business Podcast Right Now – June 2024The Best New Sports Podcast Right Now – June 2024The Best New True Crime Podcast Right Now – June 2024The Best New Joe Rogan Experience Podcast Right Now – June 20The Best New Dan Bongino Show Podcast Right Now – June 20The Best New Mark Levin Podcast – June 2024
In Channel
Quishing for trouble.

Quishing for trouble.

2024-12-2117:16

Watching the watchers. IoT vulnerabilities exposed by AI.

Watching the watchers. IoT vulnerabilities exposed by AI.

2024-12-1417:34

The JPHP loader breaking away from the pack.

The JPHP loader breaking away from the pack.

2024-12-0722:09

Leaking your AWS API keys, on purpose?

Leaking your AWS API keys, on purpose?

2024-11-3022:31

Exposing AI's Achilles heel.

Exposing AI's Achilles heel.

2024-11-2322:33

Credential harvesters in the cloud.

Credential harvesters in the cloud.

2024-11-1614:38

A firewall wake up call.

A firewall wake up call.

2024-11-0923:01

Velvet Ant's silent invasion.

Velvet Ant's silent invasion.

2024-11-0219:15

LLM security 101.

LLM security 101.

2024-10-2618:35

New targets, new tools, same threat.

New targets, new tools, same threat.

2024-10-1927:17

Ransomware on repeat.

Ransomware on repeat.

2024-10-1228:35

Podcast bait, malware switch.

Podcast bait, malware switch.

2024-10-0522:44

Beyond the permissions wall.

Beyond the permissions wall.

2024-09-2817:47

Hook, line, and sinker.

Hook, line, and sinker.

2024-09-2119:46

Spamageddon: Xeon Sender’s cloudy SMS attack revealed!

Spamageddon: Xeon Sender’s cloudy SMS attack revealed!

2024-09-1418:57

The playbook for outpacing China.

The playbook for outpacing China.

2024-09-0727:26

Pop goes the developer.

Pop goes the developer.

2024-08-3119:03

MaaS infrastructure exposed.

MaaS infrastructure exposed.

2024-08-2425:39

Essential tools with critical security challenges.

Essential tools with critical security challenges.

2024-08-1724:17

Prompts gone rogue.

Prompts gone rogue.

2024-08-1022:42

loading
Google Play
Download from Google Play
Castbox
Download from App Store
usUnited States
00:00
00:00
x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

Essential tools with critical security challenges.

Essential tools with critical security challenges.

N2K Networks