Paying More for Worse Security: An AWS Marketplace Horror Story

Corey Quinn

fwd:cloudsec North America 2026 · Day 1

In this talk from fwd:cloudsec, Corey Quinn, author of the "Last Week in AWS" newsletter, exposes a pervasive and disturbing trend within the AWS Marketplace: customers unknowingly pay significant premiums for outdated, unpatched, and often less secure versions of free operating systems. Quinn details a business model that, while apparently legal and even "AWS blessed," preys on enterprise customers, using the platform's trust mechanisms and customers' automation practices to put compromised-by-neglect software into production environments.

AI review

Quinn lands a real, underappreciated problem — predatory AWS Marketplace AMI vendors exploiting platform trust and automation assumptions — and documents it with actual evidence rather than vibes. It's a competent investigative piece with genuine practitioner utility, but it's closer to a long-form blog post than a security research talk: the 'attack' is negligence-as-a-service, not novel technique, and the defensive guidance is straightforward enough that it doesn't need a conference slot to convey.
