Hands-On Labs Added February 2025: AWS Red & Blue Teaming

AWS Security hands-on labs launches on Cybr for red and blue team

This month, we added three new Hands-On Labs to Cybr, one of which focuses on AWS security red teaming activities, while the other two are more focused on blue teaming and protecting our environments. Let’s check them out.

(P.P.S.: with these 2 new labs, we’re now at 80 AWS security-focused Hands-On Labs. 100 here we come!)

Discover AWS Organization ID via S3 Bucket

Discover AWS Account ID via S3 Bucket Hands-On Lab
View Lab >

Discover AWS Organization IDs by exploiting limited S3 bucket access. Using an automated approach, this lab demonstrates how to efficiently identify org IDs in just 360 attempts instead of brute-forcing 3.66 quadrillion combinations.

Automated S3 Remediation to Enforce Block Public Access

Automated S3 Remediation to Enforce Block Public Access
View Lab >

Learn how to detect and automatically remediate non-compliant S3 buckets that have Block Public Access disabled. This lab will teach you how to create an AWS Config rule and configure automated remediation to automatically revert any unauthorized or accidental changes that disable Block Public Access on S3 buckets. This ensures that buckets remain private by default, improving security posture and preventing unintended public exposure of data.

Create an IAM Role for Secure S3 Access

Create an AWS IAM role with least privilege to access a flag within Amazon S3
View Lab >

Create and configure an IAM role to provide read-only access to a specific prefix within an S3 bucket, following security best practices and the principle of least privilege. You’ll work with IAM roles, customer-managed policies, and permissions boundaries while learning to troubleshoot access issues in a realistic scenario that simulates common workplace tasks. Capture the flag by downloading the flag.txt file within the S3 bucket.

See you next month with more AWS security labs!

View all of our Hands-On Labs >

Get started for free >

Related Articles

Responses

Your email address will not be published. Required fields are marked *