Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Kinnaird McQuade💥☁️ Profile picture
Kinnaird McQuade💥☁️
@kmcquade3
Lead Security Engineer @salesforce. Security Researcher. OSS author. Wrote Cloudsplaining. AWS, Azure, DevSecOps. He/him |🇵🇭🇺🇸| https://t.co/Ryy7gRbzBa |
Oct 21, 2020 5 tweets 3 min read
THIS IS SO COOL.

@spookerlabs and @pr0teusbr use Cloudsplaining's IAM Risk assessment capabilities to enrich CloudTrail events so you can prioritize and identify risk classes. They even show how they use it to detect Pacu exploitation events!

🧵

tenchisecurity.com/blog/detecting… I have to say, I never thought about Cloudsplaining being used in this way. I wrote the tool as a security assessment tool that could help you lock down IAM in your account or help pentesters quickly find which privileged roles they should target, but I didn't think about this.
Aug 7, 2020 23 tweets 6 min read
A few thoughts on the $80 million fine from the Capital One Breach - a thread. Based on public information, we know that this happened, in part, to overly permissive AWS IAM policies that allowed s3:GetObject to * resources.

As @matthewdfuller said - probably one of the most expensive * wildcards in history.