Kontra AWS Top 10

KONTRA's AWS Top 10 is a series of free interactive application security training modules that teach developers how to identify and mitigate security vulnerabilities in their AWS-hosted cloud applications.

• Dangerous Dependencies

  

• Excessive Logging

  

• Lambda Command Injection

  

• Lambda XXE Injection

  

• Misconfigured AWS Cognito Attributes

  

• Misconfigured AWS Cognito profile allows self-registration

  

• Misconfigured Reverse Proxy

  

• S3 Bucket Authenticated Users 'WRITE' Access

  

• S3 Bucket Public 'READ' Access

  

• S3 Directory Traversal

  

• Server Side Request Forgery

  

• Subdomain Takeover

  

• Weak S3 POST Upload Policy