Beginner Friendly

Secure S3 with Amazon Macie

Learn how to unlock the power of Amazon Macie for defending S3

30 Minute Playing time
Overview

We created this beginner-friendly, hands-on lab to teach Amazon Macie and how this powerful service can be used to improve the security of deployed S3 buckets. The lab covers discovering sensitive data and highlighting buckets that are world-readable and world-writable.

Scenario

Amid the undercurrents of the dark web, chatter is growing louder: Huge Logistics might be the next big target. Forensic traces hint at advanced adversaries conducting OSINT and mapping out their digital terrain. Hearing the whispers, the higher-ups at Huge Logistics are starting to sweat. They've reached out to your team to assess Huge Logistics' cloud security posture, starting with S3. Your primary tool for this mission: Amazon Macie. Your tasks are multi-fold: learn how to set up and configure Amazon Macie in order to discover and classify the company's crown jewels, and unearth any sensitive data in the deployed S3 data estate. The clock is ticking, and every piece of data could be a potential way in for threat actors.

Lab prerequisites
  • Basic Linux command line knowledge
Learning outcomes
  • Enabling and configuring Amazon Macie
  • Using the AWS Console to analyze Macie findings
  • Using the AWS CLI to analyze Macie findings
Real-world context

Amazon S3 bucket security misconfigurations have been one of the most common and serious security issues faced by AWS users, implicated in countless breaches. These issues can put customers and clients at risk and lead to reputational damage and regulatory fines. Amazon Macie is one of the services offered by AWS to enhance data security and data privacy for Amazon S3 resources. Macie uses machine learning to automatically discover, classify, and protect sensitive data. Using Macie, we can identify sensitive data such as PII, as well as S3 buckets that are world-readable and world-writable.

Pwned Labs:
Your cloud security training ground

Experience real-world, byte-sized cloud security labs for training cyber warriors. From beginners to pros, our engaging platform allows you to secure your defenses, ignite your career, and stay ahead of threats.
