HN Theater @HNTheaterMonth

As the biggest provider of cloud services in the world by far, Amazon Web Services (#AWS) is a juggernaut powering the massive and complex applications deployed by entertainment giants, governments, and social networks. Given the sheer volume of user data they handle on a daily basis, it's only logical to assume they're the target of numerous security attacks and threats.

In this episode of Security Engineer Interview Questions, Abhay Bhargav answers the question: "What are the biggest AWS security vulnerabilities?"

Despite having very robust security across its services, most of the security issues that plague AWS-hosted apps tend to stem from the users' end, ie., the people deploying their apps on AWS. Security misconfigurations, access control and privilege issues, and more comprise the majority of security vulnerabilities found on AWS.

Here are some of the most common AWS vulnerabilities out there:
Misconfigured Access Control - #S3 Buckets
Subdomain Takeovers - S3/ #Cloudfront
Vulnerabilities with apps deployed on compute infrastructure
Host and Network hardening flaws
Privilege escalation of credentials from compute services

Watch the video to see a full breakdown of all of these, and ace that job interview!

---------

AppSecEngineer is a powerful training platform that delivers amazing hands-on training on AppSec, AWS Security, Cloud Security, Kubernetes, Container Security and Advanced Application Security.

#AppSecEngineer​ is ideal for jobseekers, knowledge seekers and companies that want to get their workforce equipped to handle real-world security issues with their newly minted and highly educated AppSec Engineers

Learn more about AWS Security at https://appsecengineer.com/aws-cloud-security-courses/
Twitter: https://twitter.com/AppSecEngineer​
Linkedin: https://www.linkedin.com/company/appsecengineer/