cloud abuser
CloudAttack
CloudDefense
CloudIncident Response
fwd:cloudsec (@[email protected])

Set your alarms!

Tickets go live in 3 hours at 9 AM PT! https://eventbrite.com/e/fwdcloudsec-2023-tickets-556255303587

2nd batch goes live at 9PM PT for our friends in other timezones

fwd:cloudsec 2023

fwd:cloudsec is the industry's leading independent, community-driven cloud security conference. All times listed are in US/Pacific time.

Eventbrite
@christophetd @rami it was a pleasure. Hoping to get to collaborate with each of you more and more in 2023. You are both so brilliant!

In case you missed it, @houston @rami and I documented and analyzed all the cloud security breaches we could find from 2022.

https://securitylabs.datadoghq.com/articles/public-cloud-breaches-2022-mccarthy-hopkins/

Spoiler: SSRF to IMDS, leaked static credentials, public storage buckets.

A retrospective on public cloud breaches of 2022, with Rami McCarthy and Houston Hopkins | Datadog Security Labs

Looking back on publicly disclosed cloud breaches of 2022, and what we can learn from them.

@scottpiper this is an example of military technology that scares me even more when it hits consumer market. Even so it’s fascinating.
@scottpiper how long before we brag about the layers of role chaining being done to keep customers protected like the cool crypto kids do?
I like the explanation of cloud terminology by @jcfarris in his interview on Screaming in the Cloud. AWS has accounts because it grew out of Amazon retail and that's what you used to buy underwear. GCP has projects because of their developer first mentality. Azure has subscriptions because their focus is on how they'll charge you. https://www.lastweekinaws.com/podcast/screaming-in-the-cloud/Solving-for-Cloud-Security-at-Scale-with-Chris-Farris/
Solving for Cloud Security at Scale with Chris Farris

Last Week in AWS

Firstly, I am a fan of Password Managers.

However, calling them Password Managers is softening the risk of what people actually store in them. Maybe a better mouthful-of-a-name would be Personal Secret Storage or Cloud Based Personal Secret Storage. Password storage is a popular use case, but so is storing keys of all types, notes, etc.

If your company doesn’t prevent usage of a non-mandated password manager, then the LastPass breach is a much bigger deal; even bigger than shops that use LastPass Enterprise. Unless it was fully blocked, there is a very non-zero chance your employees past and present used LastPass. And likely you do not have any insight into what they stored or how strong their vault password is or was.

How do you triage that? Rotate every secret in the company? Some companies take years to rotate even the simplest service account password as they have long lost track of who created it or what it’s used for; and are too operationally risk-averse to scream test. More than likely, companies will choose to ignore it.

These are not at all new issues, but they aren’t the kinds of things that win accolades or innovative awards for solving. Where is the cavalry?

@MelindaATL @agreenberg @jackrhysider excellent episode. I don’t recall any podcast pulling this kind of physical emotion/repulsion/anger. I am excited to check out the book. Ohh.. and rest up Jack!