CloudShell Hide-n-Seek: enjoying the sweet persistent sounds of silence!
Jenko Hwong, Chris Ryan
BSidesSF 2026 · Day 2 · AMC Theatre 13
In "CloudShell Hide-n-Seek: enjoying the sweet persistent sounds of silence," Jenko Hwong and Chris Ryan, Principal Security Researchers at Huntress Labs, delve into the often-overlooked security implications of **Cloud Shell** environments across major cloud providers. The talk, originally conceived from a Defcon Cloud Village Capture The Flag (CTF) challenge, exposes how these interactive, browser-based Linux terminals, intended for administrative convenience, can become potent vectors for **persistence** and abuse by adversaries.
AI review
Solid, original cloud security research that surfaces a genuinely underexplored attack surface — Cloud Shell environments as covert persistence vectors — with live demos and a concrete novel finding in the RoleSessionName abuse technique. Not a world-shaker, but this is exactly the kind of practical, unglamorous work that makes real defenders better at their jobs.