29/07/2024 | Press release | Distributed by Public on 29/07/2024 12:10
Tenable®, the Exposure Management company,today announcedLiv Matan, senior cloud security researcher for Tenable, will give presentations at Black Hat USA 2024, DEF CON 32 Cloud Villageand BSides Las Vegas 2024, taking place from August 6 - 11, 2024 in Las Vegas, Nevada.
At Black Hat USA, Matan will give an in-depth presentation on the supply chain exposures that can arise when cloud services are stacked on top of each other. During the session titled, "The GCP Jenga Tower: Hacking Millions of Google's Servers With a Single Package (and more)," he will disclose a new critical remote code execution (RCE) vulnerability - dubbed "CloudImposer"- which Tenable Research found in Google Cloud Platform (GCP).
At BSides Las Vegas, Matan will give a presentation on domain management, the dangers of shared parent domains and FlowFixation, a previously disclosed vulnerability found in Amazon Web Services (AWS) by Tenable Research. In addition, Matan will give a presentation on the weaknesses introduced by cloud cross-service dependency and the stackability of cloud services, including details on a previously disclosed vulnerability found by Tenable Research in GCP, dubbed ConfusedFunction.
Details for each speaking engagement are as follows:
BSides Las Vegas
Black Hat USA
DEF CON Cloud Village
More information about Tenable Cloud Security is available at: https://www.tenable.com/products/tenable-cloud-security.
About Tenable
Tenable® is the Exposure Management company. Approximately 44,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world's first platform to see and secure any digital asset on any computing platform. Tenable customers include approximately 65 percent of the Fortune 500, approximately 50 percent of the Global 2000, and large government agencies. Learn more at tenable.com.
###
Media Contact:
Tenable