Loading...

#HITB2012AMS D2T1 - Dr Marco Balduzzi - SatanCloud

435 views

Loading...

Loading...

Transcript

The interactive transcript could not be loaded.

Loading...

Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Jun 24, 2012

------------------------------------------------------------------------------------------------------
#HITB2012KUL (OCT 10-11) REGISTRATION NOW OPEN
http://conference.hitb.org/hitbseccon...
------------------------------------------------------------------------------------------------------

Presentation Materials: http://conference.hitb.org/hitbseccon...

Cloud services such as Amazon's EC2 and IBM SmartCloud allow users to create and share virtual images (AMIs) with other users. In addition to these user-shared images, the cloud providers also provide AMIs that have been preconfigured with popular software such as open source databases and web servers.

This talk explores both the privacy and the security risks associated with renting and using public AMIs from cloud computing providers. We will present SatanCloud, our automated system that we used to analyze and test over 5,000 server images provided by Amazon in its four data centers of US, Europe and Asia. From our analysis, we discovered that both the users and the providers of public AMIs are vulnerable to security risks such as data leakage, unauthorized access, malware infections, and loss of sensitive information.

ABOUT DR. MARCO BALDUZZI

Dr. Marco Balduzzi holds an MSc. in computer engineering from the university of Bergamo and a Ph.D. in applied IT security from Télécom ParisTech. He has been involved in IT security for 10 years with international experiences in both industrial and academic fields. He worked as security consultant and engineer for different companies in Milan, Munich and Sophia-Antipolis, before joining the International Secure Systems Lab and then Trend Micro Inc. as senior security and threat researcher.

He attended well-known and high-profile conferences all over like BlackHat, Hack in the Box and Owasp AppSec, and his work has been acknowledged and published by important media such as Forbes, The Register, Slashdot, InfoWorld and DarkReading. Being a free software sympathizer, back in the year 2K he co-founded the Bergamo's Linux User Group and then the University's Laboratory of Applied Computing. In former times he was also member of different Italian hacking groups and maintainer of open-source projects.

Loading...

Advertisement
When autoplay is enabled, a suggested video will automatically play next.

Up next


to add this to Watch Later

Add to

Loading playlists...