Cloud services continue to proliferate and new users continue to flock, in a clear demonstration that cloud computing is more than simply a flash-in-the-pan. Coupled with this rapid evolution of services are protection mechanisms for the services, which often lag. Cloudbrokers are an example of a service which, to this point, have not had public security scrutiny.
Last year we highlighted weaknesses in the cloud model and demonstrated a number of vulnerabilities in large cloud providers. In this talk, we revisit important issues to discuss remediation.
We also examine technologies underlying many cloud services and discuss the exploitation path followed once a vulnerability inside a cloud application is discovered. We will rely on demonstrations to show the practical nature of such steps.
Finally, we round off with a look at cloudbrokers, and what impact they have on an organisation's cloud footprint.