Securing Your Terraform State File With Daniel Grzelak The IaC podcast

Over 20 million podcasts, powered by

Artwork

Tech News Tech News Ohad Maislish

Content provided by Ohad Maislish. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Ohad Maislish or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.

The IaC Podcast « »
Securing your Terraform State File with Daniel Grzelak

1+ y ago 20:36

Share

MP3•Episode home

Content provided by Ohad Maislish. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Ohad Maislish or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.

How could read access to an S3 bucket escalate to a full AWS environment compromise? Daniel Grzelak walks us through a real red team engagement that sparked his research into Terraform state file vulnerabilities. Hear about the evolution of these vulnerabilities into significant security concerns and how OpenTofu 1.7's state encryption feature is set to change the game.

Listen now and explore Daniel's detailed insights on 'Hacking Terraform State for Privilege Escalation' here.

Daniel Grzelak is a 20-year cybersecurity industry veteran, investor, advisor, and speaker. He is no longer the CISO at Linktree nor the Head of Security at Atlassian, but he tries to stay relevant by hacking AWS and Cloud in general.

… continue reading

36 episodes

#Tech #News #Tech News #Ohad Maislish

Artwork

Securing your Terraform State File with Daniel Grzelak

The IaC Podcast

published 1+ y ago

Share

MP3•Episode home

Content provided by Ohad Maislish. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Ohad Maislish or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.

How could read access to an S3 bucket escalate to a full AWS environment compromise? Daniel Grzelak walks us through a real red team engagement that sparked his research into Terraform state file vulnerabilities. Hear about the evolution of these vulnerabilities into significant security concerns and how OpenTofu 1.7's state encryption feature is set to change the game.

Listen now and explore Daniel's detailed insights on 'Hacking Terraform State for Privilege Escalation' here.

Daniel Grzelak is a 20-year cybersecurity industry veteran, investor, advisor, and speaker. He is no longer the CISO at Linktree nor the Head of Security at Atlassian, but he tries to stay relevant by hacking AWS and Cloud in general.

… continue reading

36 episodes

#Tech #News #Tech News #Ohad Maislish

All episodes

×

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

Listen to 500+ topics

Help/FAQ | Advertise with Us

Arts|Business|Comedy|Economics|Entertainment|News|Politics|Religion

Science|Soccer|Sports|Storytelling|Technology|True Crime

Copyright 2025 | Privacy Policy | Terms of Service | | Copyright

Listen to this show while you explore