As security practitioners, we are often stuck in our own echo chamber, believing that everyone has properly configured their environments. We are unable to “zoom out” or understand how organizations around the world are really managing their security posture. Our recently released State of AWS Security study is our effort to bring perspective to the realm of cloud security and gain understanding of the real-world security posture of hundreds of organizations around the globe who use AWS.

In this talk, we’ll start by exploring the top ways organizations get breached on AWS, based on real-world data from actual security incidents. Then, we’ll dive deep into our findings, showcasing to what extent organizations are managing to implement cloud security mechanisms that are relevant to the most critical threats. Along the way, we’ll discuss S3 bucket security, practical tips to avoid hard-coded and long-lived credentials, and why we feel it’s critical to use the Instance Metadata Service V2 (IMDSv2). You’ll leave with an understanding of how to remediate these top vulnerabilities in your account and with a clearer picture of how tooling like CSPM (Cloud Security Posture Management) can help.