Kiro实战：大规模红队战术.pdf

1、 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Damien BurksHe/HimSr.Cloud Security EngineerFICONick GilbertHe/HimRed Team ManagerFICOKiro in acti

2、on:Red Team tactics at scaleD E V 3 3 6 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.What are we trying to solve?2025,Amazon Web Services,Inc.or

3、 its affiliates.All rights reserved.Single PointAttackers only need one vulnerability.Adaptive ScalingYou need automation that scales across many accounts to close the gap.Identity ChaosIdentity is the weakest link;orgs can have 100,000+roles.Unknown ReachFinding which role can access a high-value S

4、3 bucket is impossible by hand.The Visibility Gap 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Who are we?2025,Amazon Web Services,Inc.or its af

5、filiates.All rights reserved.Red Team Manager at FICO AWS Community Builder Security and Identity Team AWS SME Security Specialty Exam Gen AI EnthusiastWho is Nick?2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Sr.Cloud Security Engineer FICO during the day&Founder at night AWS C

6、ommunity Builder-Security&Identity LinkedIn Learning Instructor&Content Creator Anime+Cars+Videogames=Hobbies when I have timeWho is Damien?2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,I