New Pentera Labs research has uncovered a surprising blind spot: intentionally vulnerable “training” applications are publicly exposed across cloud environments at Fortune 500 companies and major security vendors - with evidence of confirmed compromise and active crypto-mining in some cases.

The root cause? Thousands of cloud-hosted training and demo applications running on enterprise-owned infrastructure across AWS, Azure, and GCP,  with default configurations and overly permissive roles, creating an unintended attack surface.

Join Noam Yaffe, Senior Security Researcher at Pentera, for a deep dive into how attackers are abusing training & demo applications - and what defenders must prioritize next.

During the session, we will:

• Break down the research methodology & key findings
• Demonstrate real exploitation paths discovered in the wild
• Outline the immediate fixes needed to close this exposure
  
  

Wednesday, February 12, 2026 | 11:00 AM ET, 5:00 PM CET

Register today >>