Weaponizing SSM: Practical Exploits and Hardening Techniques for AWS
Rodrigo Montoro
Cloud Village @ DEF CON 33 · Day 1 · Cloud Village
In his compelling talk at Cloud Village, Rodrigo Montoro, Director of Research at Clouds, delved into the often-underestimated security implications of AWS Systems Manager (SSM). Titled "Weaponizing SSM: Practical Exploits and Hardening Techniques for AWS," Montoro's presentation illuminated the vast potential for abuse within SSM's extensive feature set, a system primarily designed for centralized node management at scale. He candidly expressed his ambivalent relationship with SSM, acknowledging its powerful utility while highlighting the inherent risks posed by over-permissive configurations. The core message revolved around the critical need for robust privilege control and vigilant monitoring to prevent SSM from becoming a significant attack vector within AWS environments.
AI review
Competent, practically grounded coverage of SSM abuse that earns its place in a Cloud Village lineup — but it's building on published work (Mitiga, McCartney) more than breaking new ground. The hybrid activations angle is the most interesting contribution; the rest is solid tradecraft education that a thorough blog post could have covered equally well.