Explore common infrastructure exploits in AWS, GCP, and Azure servers and containers in this 33-minute RSA Conference talk. Gain insights into the practical risks posed by misunderstanding VPC DNS and other cloud-specific vulnerabilities. Learn about exfiltration risks in cloud hosting services due to DNS and VPC endpoints, understand the limitations of legacy security measures in cloud environments, and discover mitigations available for both server and serverless (container) designs. Delve into topics such as DNS tunneling, VPC DNS, container security, and service endpoint exploitation. Through concrete examples and a hypothetical victim scenario, grasp the critical differences between legacy data centers and cloud architectures. Walk away with key takeaways and actionable steps to improve your cloud security posture, along with valuable resources for further learning.