A radical rethink of what a Linux distro should do, and what it should stop doing. Plus, we dig into what's great about Linux 6.16.
…
continue reading
Content provided by Corey Quinn. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Corey Quinn or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.
Similar to Screaming in the Cloud
Python Bytes is a weekly podcast hosted by Michael Kennedy and Brian Okken. The show is a short discussion on the headlines and noteworthy news in the Python, developer, and data science space.
…
continue reading
"web3 with a16z" is a show about the next generation of the internet, and about how builders and users -- whether artists, coders, creators, developers, companies, organizations, or communities -- now have the ability to not just "read" (web1) + "write" (web2) but "own" (web3) pieces of the internet, unlocking a new wave of creativity and entrepreneurship. Brought to you by a16z crypto, this show is the definitive resource for understanding and going deeper on all things crypto and web3. Fro ...
…
continue reading
Software's best weekly news brief, deep technical interviews & talk show.
…
continue reading
Technical interviews about software topics.
…
continue reading
1
Epicenter - Learn about Crypto, Blockchain, Ethereum, Bitcoin and Distributed Technologies
Epicenter Media Ltd.
1k
600
Epicenter brings you in-depth conversations about the technical, economic and social implications of cryptocurrencies and blockchain technologies. Every week, we interview business leaders, engineers academics and entrepreneurs, and bring you a diverse spectrum of opinions and points of view. Epicenter is hosted by Sebastien Couture, Brian Fabian Crain, Friederike Ernst, Meher Roy and Felix Lutsch. Since 2014, our episodes have been downloaded over 8 million times.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
Replay - Hacking AWS in Good Faith with Nick Frichette
Manage episode 457590976 series 2937944
Content provided by Corey Quinn. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Corey Quinn or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.
On this Screaming in the Cloud Replay, we’re taking you back to our chat with Nick Frichette. He’s the maintainer of hackingthe.cloud, and holds security and solutions architect AWS certifications, and in his spare time, he conducts vulnerability research at Hacking the Cloud. Join Corey and Nick as they talk about the various kinds of cloud security researchers and touch upon offensive security, why Nick decided to create Hacking the Cloud, how AWS lets security researchers conduct penetration testing in good faith, some of the more interesting AWS exploits Nick has discovered, how it’s fun to play keep-away with incident response, why you need to get legal approval before conducting penetration testing, and more.
Show Highlights
(0:00) Intro
(0:42) The Duckbill Group sponsor read
(1:15) What is a Cloud Security Researcher?
(3:49) Nick’s work with Hacking the Cloud
(5:24) Building relationships with cloud providers
(7:34) Nick’s security findings through cloud logs
(13:05) How Nick finds security flaws
(15:31) Reporting vulnerabilities to AWS and “bug bounty” programs
(18:41) The Duckbill Group sponsor read
(19:24) How to report vulnerabilities ethically
(21:52) Good disclosure programs vs. bad ones
(28:23) What’s next for Nick
(31:27) Where you can find more from Nick
About Nick Frichette
Nick Frichette is a Staff Security Researcher at Datadog, specializing in offensive security within AWS environments. His focus is on discovering new attack vectors targeting AWS services, environments, and applications. From his research, Nick develops detection methods and preventive measures to secure these systems. Nick’s work often leads to the discovery of vulnerabilities within AWS itself, and he collaborates closely with Amazon to ensure they are remediated.
Nick has also presented his research at major industry conferences, including Black Hat USA, DEF CON, fwd:cloudsec, and others.
Links
- Hacking the Cloud: https://hackingthe.cloud/
- Determine the account ID that owned an S3 bucket vulnerability: https://hackingthe.cloud/aws/enumeration/account_id_from_s3_bucket/
- Twitter: https://twitter.com/frichette_n
- Personal website:https://frichetten.com
Original Episode
Sponsor
The Duckbill Group: duckbillgroup.com
648 episodes
Share
Manage episode 457590976 series 2937944
Content provided by Corey Quinn. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Corey Quinn or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.
On this Screaming in the Cloud Replay, we’re taking you back to our chat with Nick Frichette. He’s the maintainer of hackingthe.cloud, and holds security and solutions architect AWS certifications, and in his spare time, he conducts vulnerability research at Hacking the Cloud. Join Corey and Nick as they talk about the various kinds of cloud security researchers and touch upon offensive security, why Nick decided to create Hacking the Cloud, how AWS lets security researchers conduct penetration testing in good faith, some of the more interesting AWS exploits Nick has discovered, how it’s fun to play keep-away with incident response, why you need to get legal approval before conducting penetration testing, and more.
Show Highlights
(0:00) Intro
(0:42) The Duckbill Group sponsor read
(1:15) What is a Cloud Security Researcher?
(3:49) Nick’s work with Hacking the Cloud
(5:24) Building relationships with cloud providers
(7:34) Nick’s security findings through cloud logs
(13:05) How Nick finds security flaws
(15:31) Reporting vulnerabilities to AWS and “bug bounty” programs
(18:41) The Duckbill Group sponsor read
(19:24) How to report vulnerabilities ethically
(21:52) Good disclosure programs vs. bad ones
(28:23) What’s next for Nick
(31:27) Where you can find more from Nick
About Nick Frichette
Nick Frichette is a Staff Security Researcher at Datadog, specializing in offensive security within AWS environments. His focus is on discovering new attack vectors targeting AWS services, environments, and applications. From his research, Nick develops detection methods and preventive measures to secure these systems. Nick’s work often leads to the discovery of vulnerabilities within AWS itself, and he collaborates closely with Amazon to ensure they are remediated.
Nick has also presented his research at major industry conferences, including Black Hat USA, DEF CON, fwd:cloudsec, and others.
Links
- Hacking the Cloud: https://hackingthe.cloud/
- Determine the account ID that owned an S3 bucket vulnerability: https://hackingthe.cloud/aws/enumeration/account_id_from_s3_bucket/
- Twitter: https://twitter.com/frichette_n
- Personal website:https://frichetten.com
Original Episode
Sponsor
The Duckbill Group: duckbillgroup.com
648 episodes
All episodes
×
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Similar to Screaming in the Cloud
A radical rethink of what a Linux distro should do, and what it should stop doing. Plus, we dig into what's great about Linux 6.16.
…
continue reading
Python Bytes is a weekly podcast hosted by Michael Kennedy and Brian Okken. The show is a short discussion on the headlines and noteworthy news in the Python, developer, and data science space.
…
continue reading
"web3 with a16z" is a show about the next generation of the internet, and about how builders and users -- whether artists, coders, creators, developers, companies, organizations, or communities -- now have the ability to not just "read" (web1) + "write" (web2) but "own" (web3) pieces of the internet, unlocking a new wave of creativity and entrepreneurship. Brought to you by a16z crypto, this show is the definitive resource for understanding and going deeper on all things crypto and web3. Fro ...
…
continue reading
Software's best weekly news brief, deep technical interviews & talk show.
…
continue reading
Technical interviews about software topics.
…
continue reading
1
Epicenter - Learn about Crypto, Blockchain, Ethereum, Bitcoin and Distributed Technologies
Epicenter Media Ltd.
1k600
Epicenter brings you in-depth conversations about the technical, economic and social implications of cryptocurrencies and blockchain technologies. Every week, we interview business leaders, engineers academics and entrepreneurs, and bring you a diverse spectrum of opinions and points of view. Epicenter is hosted by Sebastien Couture, Brian Fabian Crain, Friederike Ernst, Meher Roy and Felix Lutsch. Since 2014, our episodes have been downloaded over 8 million times.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
