2026-06-24 –, Track 3
There are many attacks, new and old, arising from the push to GenAI. In a world that encourages developers to adopt coding agents, and is shifting to AI enabled workflows, we must ask ourselves – are we handling the new security risks this introduces?
Amazon Bedrock is already being utilized across the board in all stages, from the development lifecycle up to production applications, with broad permissions over AWS resources. The rapid growth of Bedrock usage reproduces common configuration patterns that lead to data leaks, destruction, and tampering.
If you are interested in learning about novel attack methods against Bedrock applications across your AWS organization, this talk is for you. You will learn how common misconfigurations in Bedrock can lead to data exfiltration, lateral movement, and security control weakening in your AWS organization. Join us to hear more.
Maya Parizer is a Security Researcher at Varonis with a passion for cloud security, identity, and data protection, specializing in IaaS and AI. Maya dives deep into every project, thoroughly investigating cloud environments to uncover potential vulnerabilities and stealthy attack techniques. Her experience spans both offensive and defensive disciplines - including CSPM, DSPM, vulnerability research, detection engineering, and product security research in cloud environments.
Tal Peleg, also known as TLP, is a senior security researcher and cloud security team lead at Varonis. He is a full-stack hacker with experience in malware analysis, Windows domains, SaaS applications, and cloud infrastructure. His research is currently focused on cloud applications, APIs, and agentic applications.