Misconfigured object-storage services have been responsible for some, if not most of the attacks which have resulted in data leaks. Amazon Simple Storage Service (S3) is one of the most well-known object-storage service and is used across a wide variety of use cases ranging from storing images, icons and sensitive datasets, to hosting static websites.
This Amazon S3 security course will get you up to speed with the fundamentals of S3, giving you the foundational knowledge you need to secure apps hosted on the service. We start with an introduction to the Amazon S3, including key terminologies and features, as well as some typical use cases of the platform.
You’ll learn about the most common and serious security issues of Amazon S3, and hands-on labs will teach you how to create insecure S3 buckets. In a series of practical exercises, we’ll go step-by-step through versioning, pre-signed URLs, and best practices for security hygiene.
Our material is a distillation of years of security testing experience, knowledge, and original research across our entire team. By learning about Amazon S3 Security, you’ll be able to understand on a practical level the most common security pitfalls for many apps. Once you finish this course, you’ll be ready to take on more challenging security threats across a variety of modern cloud-native applications.
Creating an Insecure Bucket
Using Versioning in Amazon S3
Pre-signed-URL in Amazon S3
Using AWS Credentials with AppSecEngineer
AWS S3 Introduction
AWS S3 Terminologies and Features
AWS S3 Use Cases
Create Insecure Bucket
AWS S3 Security-Issues
AWS S3 Security Best Practices and Security Hygiene
AWS S3 Pre-signed URL