# iam
10 artikelengetagd met “iam”
Beoordeling van IAM voor AI-systemen
Assessment of identity and access management vulnerabilities specific to AI service deployments.
Aanvalsoppervlak van Bedrock
Comprehensive red team methodology for Amazon Bedrock: model invocation API abuse, guardrails bypass techniques, custom model endpoint exploitation, IAM misconfigurations, knowledge base poisoning, and Bedrock Agents exploitation.
AWS IAM voor AI-services
IAM exploitation patterns for AWS AI services: overprivileged roles, cross-account model access, service-linked roles, resource policies for Bedrock and SageMaker, and privilege escalation through AI-specific IAM actions.
AWS Bedrock Security Deep Dive
Geavanceerde beveiligingsbeoordeling van AWS Bedrock met aandacht voor controles op modelaanroepen, het testen van guardrails-bypasses, VPC-configuraties en red team-methodologieën voor foundation-model-API's.
IAM-best practices voor cloud-AI-services
Cross-cloud IAM best practices for securing AI services on AWS, Azure, and GCP, covering least privilege, service identity management, cross-account access, and policy automation.
IAM-misconfiguraties bij cloud-AI
Common IAM misconfigurations in cloud AI services and their exploitation for unauthorized model access.
GCP IAM voor AI-services
IAM exploitation patterns for GCP AI services: service account exploitation, Workload Identity abuse, VPC Service Controls for AI, and privilege escalation through Vertex AI permissions.
Vergelijkingsmatrix van beveiligingscontroles
Side-by-side comparison of AWS, Azure, and GCP AI security controls: IAM patterns, content filtering, guardrails, network isolation, logging, and threat detection across cloud providers.
Redteaming van AWS SageMaker
End-to-end walkthrough for red teaming ML models deployed on AWS SageMaker: endpoint enumeration, IAM policy analysis, model extraction testing, inference pipeline exploitation, and CloudTrail log review.
Beveiligingstesten van GCP Vertex AI
End-to-end walkthrough for security testing Vertex AI deployments on Google Cloud: endpoint enumeration, IAM policy analysis, model serving exploitation, pipeline assessment, and Cloud Audit Logs review.