No Way Out? C2 Through AWS Data Perimeter via Bedrock-AgentCore - Dan Gansel
This is a corrected version since the original recording had some visual issues. Link to the old version: No Way Out? C2 Through AWS Data Perimeter ...

Speaker: Dan Gansel

Dan Gansel is a cloud security specialist with deep expertise in cloud API research, secure cloud solutions and architecture design. Dan has led cloud security research teams and has a track record of uncovering novel attack techniques in cloud environments. As a Security Researcher at Upwind Security, Dan continues to push the boundaries of cloud security, focusing on uncovering blind spots in the services organizations trust the most.

Talk:

The data perimeter is the gold standard for a cloud-native security boundary in AWS. It combines all available preventive security tools and guardrails. In this talk you will learn about a novel attack technique that exploits AWS Bedrock AgentCore’s identity service to establish a fully functional command and control (C2) channel capable of bypassing data perimeter controls - all while using legitimate capabilities. We will demonstrate how an attacker can use two covert channels hidden in plain sight: data exfiltration and unauthenticated data infiltration. We will demo the complete C2 channel operating end to end - an attacker establishing persistence, issuing commands and exfiltrating sensitive data from an S3 bucket containing user records, all within an enforced data perimeter. We will also walk through CloudTrail signals that will enable defenders to detect this activity and discuss why new AI services demand security assessment before adoption.

Recorded at fwd:cloudsec North America 2026 - Bellevue, WA
https://fwdcloudsec.org/conference/no...

