Abusing Short-Term Credentials in AWS
See how threat actors abuse short-term credentials to persist in your AWS environment. Attackers use hard-to-detect role chaining techniques to keep temporary credentials alive, indefinitely extending the lifetime of their STS credentials.
Temporary credentials are both ubiquitous and ambiguous, running everywhere in the background of your cloud infrastructure but not easily seen or trackable. This method of authentication is hard to keep tabs on, and tracking attackers becomes a difficult problem to solve. Which is why we have prioritized this webinar to shed light on credential activity through the Uptycs solution and will walk you through the foundations of monitoring, detecting, and remediating anomalous temporary tokens in AWS.
What you will learn:
- What is a temporary credential? Differentiate between short and long term credentials, why are these short-term credentials so embedded into our AWS Infrastructure?
- Learn how temporary credentials are abused and ‘fly under the radar’ for detection.
- See first hand examples of what this abuse looks like to your credentials and environment.
- Understand how to detect the tactics, techniques, and procedures of threat actors for role chaining and abusing short-term access keys.
See Uptycs Live
Schedule your demo of the Uptycs Cloud-Native Security Analytics Platform and see how Uptycs can help you protect and defend across modern attack surfaces.
Schedule Your Demo
Uptycs Live Presenters
Jeremy Colvin
Technical Marketing Manager
Jeremy Colvin is a Technical Product Marketer at Uptycs and enjoys learning the bits and bytes of what makes good security. Prior to Uptycs, Jeremy spent two years at Deloitte helping clients architect, configure, and implement secure systems. He graduated from Princeton with an AB in Public and International Affairs, focusing on policy around privacy and information security.