Skip to content
View MrCloudSec's full-sized avatar
💻
💻

Organizations

@BeyondTrust

Block or report MrCloudSec

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
MrCloudSec/README.md
Welcome!

Security Researcher at BeyondTrust Phantom Labs

Ex-Founding Engineer at Prowler

Email Badge

About

Security Researcher focused on AI and Cloud security, with recent work on AWS Bedrock and AgentCore, identity-centric attack paths, and automated threat detection.

Research

CVEs

  • CVE-2026-11931 - World-readable auth token in Kiro IDE (Medium, CVSS 6.8)

Tools

  • bedrock-keys-security - security toolkit for AWS Bedrock API keys: scanning, key forensics, privilege-escalation analysis, and incident response

Talks

  • RootedCON Madrid 2026: The Phantom of the Infrastructure: The Invisible Threat in Bedrock API Keys
  • BSides Seattle 2026: The Phantom of the Infrastructure: Investigating the Hidden IAM Risks in Bedrock API Keys
  • RootedCON Madrid 2025: Practical Threat Detection and Remediation in the Cloud
  • Seasides India 2025: Open Source Multi-Cloud Security with Prowler: A Practitioner's Guide
  • fwd:cloudsec NA 2024: Forged in Fire: Forging Multi-Cloud Open Source Swiss-Army Knife
  • DEF CON Cloud Village 2022: Prowler Open Source Cloud Security: A Deep Dive Workshop
  • BSides Las Vegas 2022: Prowler Open Source Cloud Security: A Deep Dive Workshop

Certifications

  • AWS Certified Solutions Architect – Professional
  • AWS Certified Solutions Architect – Associate
  • AWS Certified Security – Specialty
  • AWS Authorized Instructor

Visitor count

Pinned Loading

  1. prowler-cloud/prowler prowler-cloud/prowler Public

    Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

    Python 14.1k 2.2k

  2. BeyondTrust/bedrock-keys-security BeyondTrust/bedrock-keys-security Public

    Detect phantom IAM users, decode leaked AWS Bedrock and Claude Platform API keys, and prevent LLMjacking. CLI + SCPs + SIEM detection rules.

    Python 33 2