Lab: Subdomain Takeover, Part 2 | Discover & remediate
Carlos Vendramini, Security Research Engineer, Normalyze
About this talk
In the second part of this two-part webinar, Carlos will do a hands-on demonstration of a subdomain takeover attack using open-source tools. This demo will contain two attack vectors: AWS S3 and AWS Elastic Beanstalk. In the end, Carlos will also demonstrate how data security tools can help you protect your cloud environment against Subdomain Takeover attacks.
Subdomain takeover continues to be a major security threat for organizations using the cloud to deliver public services. After setting up their cloud environments, oftentimes, organizations overlook removing the domain name system (DNS), aliases (A record), and canonical names (CNAME record) that are no longer being used. This leads to a dangling domain record that is no longer associated with an active website or an online resource.
We discuss how to understand the full range of risks present against your cloud data, and eliminate the risks that matter the most.
Let's put data security at the center of information security--where it belongs.…