WhizBangLambdaFix: where AWS Misconfigurations...

Lily Chau, Lakshmanan Murthy

BSidesSF 2024 · Day 1

This talk, "WhizBangLambdaFix: where AWS Misconfigurations...", presented by Lily Chau and Lakshmanan Murthy from Roku, introduces a novel framework for the automated remediation of AWS misconfigurations. The core problem it addresses is the overwhelming volume of security findings and the inefficiency of traditional remediation processes, which rely heavily on manual intervention driven by Jira tickets and Slack alerts. Even with improved visibility into cloud environments, security teams face resource constraints, a lack of security expertise among developers, and the sheer complexity of AWS services and the many ways they can be misconfigured.

AI review

This talk presents a robust, battle-tested auto-remediation framework, "WhizBangLambdaFix," developed at Roku to combat AWS misconfigurations stemming from manual actions and unmanaged resources. It goes beyond mere alerting to actively fix issues at scale, demonstrating significant cost savings and attack-surface reduction through practical, Lambda-driven playbooks for common and complex weaknesses such as IMDSv1 left enabled, S3 subdomain takeover, and lateral-movement detection. The speakers provide a candid critique of AWS Config and Cloud Custodian, justifying their custom, cost-effective…
