IMDS: The Gatekeeper to Your Cloud Castles (and How to Keep the Dragons Out)
Watch Lior Zatlavi and Liv Matan's fwd:cloudsec 2023 session
Most of us know the Instance Metadata Service (IMDS) as a tool for seamlessly maintaining and supplying the credentials that applications running on instances use to access resources in cloud environments. However, a deep understanding of IMDS implementations across cloud providers is what separates the security novices from the advanced practitioners - and can be crucial for the security of your cloud environment.
During this talk, Ermetic's own Sr. Cloud Security Architect Lior Zatlavi and Security Researcher Liv Matan take a deep dive into the protections offered by different cloud service providers for the IMDS used by computing instances, and how they have evolved over time. They demonstrate how these mechanisms could mean the difference between a critical and non-critical vulnerability, through the story of a real-life vulnerability we found in a leading cloud provider. They talk about the customer’s part of the shared responsibility model in this context - and how that must evolve as well.
They show how vulnerable software may be leveraged by an attacker to gain access to credentials and talk about the kinds of compensating controls that may be used to mitigate this risk.