Morioh
Login
Rory West

Rory West

2 years ago

Abstract:

AWS is the global leader of cloud infrastructure and has so far done a great job at securing the fabric and communicating the shared responsibility model…However vulnerable resources continue to be deployed in the Cloud and targeted by malware actors as a foothold to move laterally in search for valuable data amongst other things.

Sites like Shodanthen index these exposed systems and further expose them to wider audiences and script kiddies.

So you ask, wouldn’t be nice to know if ANY of your assigned internet IPs on AWS are referenced by vulnerability scanners like Shodan?

This write up describes a fully automated way of achieving such oversight by leveraging the Shodan search intelligence to protect potentially misconfigured resources before they get taken over.

This document audience is everyone from security leadership to security teams and is structured as such. The first part provides a solution architecture overview and discusses serverless technologies while the latter part provides the full code and step-by-step deployment of the solution.

#aws #security #shodan #lambda #monitoring

Automated AWS Elastic IP monitoring with Shodan

medium.com

Automated AWS Elastic IP monitoring with Shodan

Automated AWS Elastic IP monitoring with Shodan. Our solution - a lambda function crawls all the existing Public IPv4 addresses from AWS services and checks them with Shodan for security.

1.40 GEEK