Game to Dethrone: A Least Privilege CTF
2021 IEEE 6th International Conference on Smart Cloud (smartcloud)
Identity and Access Management (IAM) misconfiguration is one of the most critical threats to the security of cloud environments. As more infrastructure is being migrated to the cloud, the importance of following the principle of least privilege (PoLP) to mitigate security risks has significantly increased. Unfortunately, the mechanisms provided for doing so in the cloud are complex and substantially different than traditional legacy infrastructure. As a result, the number of practitioners that know how to secure cloud projects is insufficient compared to the number of cloud projects being deployed. To address the issue, this paper describes a Least Privilege CTF, a series of exercises that allows practitioners to practice applying least privileges on cloud deployments that are easily deployed with minimal cost.
Copyright 2021 IEEE - All rights reserved.
Locate the Document
Wu, W., & Feng, W.-chang. (2021). Game to Dethrone: A Least Privilege CTF. Institute of Electrical and Electronics Engineers (IEEE). https://doi.org/10.1109/smartcloud52277.2021.00030