Lab: Subdomain Takeover, Part 2 | Discover & remediate

Presented by

Carlos Vendramini, Security Research Engineer, Normalyze

About this talk

In the second part of this two-part webinar, Carlos will do a hands-on demonstration of a subdomain takeover attack using open-source tools. This demo will contain two attack vectors: AWS S3 and AWS Elastic Beanstalk. In the end, Carlos will also demonstrate how data security tools can help you protect your cloud environment against Subdomain Takeover attacks. Subdomain takeover continues to be a major security threat for organizations using the cloud to deliver public services. After setting up their cloud environments, oftentimes, organizations overlook removing the domain name system (DNS), aliases (A record), and canonical names (CNAME record) that are no longer being used. This leads to a dangling domain record that is no longer associated with an active website or an online resource.
Related topics:

More from this channel

Upcoming talks (1)
On-demand talks (26)
Subscribers (4612)
We discuss how to understand the full range of risks present against your cloud, on-prem and hybrid data, and eliminate the risks that matter the most. Let's put data security at the center of information security--where it belongs.