Kontra AWS Top 10
KONTRA's AWS Top 10 is a series of free interactive application security training modules that teach developers how to identify and mitigate security vulnerabilities in their AWS-hosted cloud applications.
-
Dangerous Dependencies
-
Insecure S3 POST Upload Policy
-
Lambda Command Injection
-
Lambda XML Entity Injection
-
Leftover Debug Code
-
Misconfigured AWS Cognito Attributes
-
Misconfigured AWS Cognito Profile Allows Self-Registration
-
Misconfigured Reverse Proxy
-
S3 Bucket Authenticated Users 'WRITE' Access
-
S3 Bucket Public 'READ' Access
-
S3 Directory Traversal
-
Server Side Request Forgery
-
Subdomain Takeover