sethsec Profile Banner
Seth Art Profile
Seth Art

@sethsec

Followers
1K
Following
3K
Media
30
Statuses
1K

Cloud Security Research and Advocacy @Datadoghq. Previous: Cloud Penetration Testing lead @BishopFox. Also on Mastodon https://t.co/R1KYbwIdme

Ithaca, NY
Joined June 2010
Don't wanna be here? Send us removal request.
@sethsec
Seth Art
5 months
RT @awscloudsec: 📣 Issue 84 is out. Highlights:. - Amazon Inspector enhances the security engine for container images scanning. - AWS Cloud….
0
2
0
@sethsec
Seth Art
5 months
RT @ramimacisabird: Excellent research here from @sethsec and crew - including responsible disclosure, AWS hardening enhancement, detectio….
0
1
0
@sethsec
Seth Art
5 months
The post also includes many ways you can check to see if you are vulnerable!.
0
0
0
@sethsec
Seth Art
5 months
My Datadog Security Labs research is finally live! The whoAMI research highlights how a malicious actor could gain remote code execution in thousands of AWS accounts that are vulnerable to this attack.
Tweet card summary image
securitylabs.datadoghq.com
Detailing the discovery and impact of the whoAMI cloud image name confusion attack, which could allow attackers to execute code within AWS accounts due to a vulnerable pattern in AMI retrieval.
1
4
18
@sethsec
Seth Art
9 months
RT @mattjay: What. The.
Tweet media one
0
1K
0
@sethsec
Seth Art
9 months
RT @christophetd: Fun with Google Cloud's default service accounts (and how to leverage them for offensive purposes). .
Tweet card summary image
securitylabs.datadoghq.com
This post offers a deep dive into Google Cloud’s default service accounts, explaining their functionality, risks, and real-world adoption trends.
0
21
0
@sethsec
Seth Art
9 months
RT @0xLupin: 🔗In this article we talk about how I exploited a Fortune 500 Through Hidden Supply Chain Links . Link 👇. .
0
79
0
@sethsec
Seth Art
9 months
RT @clintgibler: ☁️ State of Cloud Security. 2024 update of @Datadog’s report analyzing security posture data from a sample of thousands of….
0
14
0
@sethsec
Seth Art
9 months
RT @christophetd: Excited to share some research I've been working on for the past few months, based on real-world data from thousands of e….
Tweet card summary image
datadoghq.com
For our 2024 report, we analyzed data from thousands of organizations to understand the latest trends in cloud security posture.
0
32
0
@sethsec
Seth Art
9 months
RT @Agarri_FR: How it feels to be on the other side… #Bluesky
Tweet media one
0
2
0
@sethsec
Seth Art
9 months
I had such a great time speaking about Cloud Security at @BsidesORL! I saw some great talks, made some new friends, and got to hang with old ones. A huge thank you to all of the volunteers that made this epic event possible!
Tweet media one
Tweet media two
Tweet media three
0
0
10
@sethsec
Seth Art
9 months
This is a killer talk! If you have not seen it yet, make some time to watch Nick explain some really cool initial access techniques he found in a super approachable way!.
@Frichette_n
Nick Frichette
9 months
My talk at DEF CON 32 is now on YouTube! "Kicking in the Door to the Cloud: Exploiting Cloud Provider Vulnerabilities for Initial Access" is a look at vulnerabilities I've found in AWS services that provided initial access to victim environments!.
0
1
3
@sethsec
Seth Art
10 months
Really looking forward to speaking at BSides Orlando in two weeks!.
@BsidesORL
Bsides Orlando
10 months
Join Seth Art @sethsec for "Six degrees of (cloud) escalation" at BSides ORL - Oct 19th!
Tweet media one
0
2
13