Security News > 2022 > April > Finding Attack Paths in Cloud Environments

Finding out exactly which assets are put at risk through compromised accounts or breached assets requires mapping potential attack paths across a comprehensive map of all the relationships between assets.

Today, mapping potential attack paths is performed with scanning tools such as AzureHound or AWSPX. Those are graph-based tools enabling the visualization of assets and resources relationships within the related cloud service provider.

The relationship direction - is the connection direction from asset X to asset Y or the other way round.

The relationship type - is asset X:. Contained by asset Y. Can access asset Y. Can act on asset Y. The goal of the information provided is to assist red teamers in identifying potential lateral movement and privilege escalation attack paths and blue teamers in finding ways to block critical escalation and stop an attacker.

Asset Y is contained by Asset X. The direction of the connection between user A and asset X is A X. From an adversarial perspective gaining access to the key vault holds the potential of gaining access to all the assets accessible via those secrets.

In this case, finding out exactly which assets are potentially at risk from user A requires mapping out all the assets related to the secrets stored in key vault X. Cymulate's extensive array of continuous security validation capabilities unified in an Extended Security Posture Management platform is already adopted by red teamers to automate, scale, and customize attack scenarios and campaigns.

News URL

https://thehackernews.com/2022/04/finding-attack-paths-in-cloud.html