When an AWS key leaks, what can an attacker really do with it? Truffle Security’s Joseph Leon and guest researcher Eduard Agavriloae reveal how AWS keys show up in unexpected places from public repos to obscure build artifacts. 

They’ will demonstrate how these keys can be used to enumerate permissions, uncover hidden access paths, and pivot across cloud environments. You’ll walk away with a deeper understanding of how exposed AWS credentials translate into real-world risk – and what security teams can do to detect and contain them before attackers do.