Skip to main content
Room Banner
Back to all walkthroughs
Room Icon

The Silence of the IAMs

Max room.

You cannot secure what you do not see. Understand why silent IAM changes can lead to security incidents.

medium

45 min

0

User profile photo.
User profile photo.

To access material, start machines and answer questions login.

An attacker gains a foothold in your account. Maybe through leaked access keys, maybe through an application vulnerability. One of the steps an attacker would take next is to ensure .

In , often looks like an change: a new access key created, an over-permissive policy attached to a low-privilege identity, or a new user created. This room focuses on that blind spot and ensures you have the right knowledge to tackle this from day one.

Learning Objectives

  • Understand why changes can have a big impact
  • Identify high-risk calls
  • Build detection rules
  • Use metrics and alarms
  • Understand how to apply a defense-in-depth strategy

Prerequisites

Answer the questions below

Something feels off...there is too much silence.