Release Date: 12/09/2021 | Issue: 104
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

Looking at phishing emails can be tedious and now with phishing attempts and business email compromise (BEC) on the rise it's become essential. Expel can help by detecting threats across the email attack lifecycle. Ready to give it a try?
Two week free trial

This week's articles


Inside Figma: getting out of the (secure) shell
Tips from the Figma security team to help other teams secure Systems Manager and protect their most sensitive data.   #aws   #defend


Coordinated disclosure of vulnerability in Azure Container Instances Service
Microsoft recently mitigated a vulnerability reported by a security researcher in the Azure Container Instances (ACI) that could potentially allow a user to access other customers' information in the ACI service. Microsoft's investigation surfaced no unauthorized access to customer data. You can also check the original post disclosing the vulnerability and another that explains What to do? to address it.   #attack   #azure


Automate Your Security in GCP with Serverless Computing
Talk exploring serverless open source tools and other cloud-native options that allow you to automate your cloud security without the need for human interaction.   #defend   #gcp


A Kubernetes engineer's guide to mTLS
mTLS is a hot topic in the Kubernetes world, especially for anyone tasked with getting "encryption in transit" for their applications. But what is mTLS, what kind of security does it provide, and why would you want it? This guide walks through exactly what mTLS is, how it relates to ordinary TLS, and why it's relevant to Kubernetes.   #build   #kubernetes


Kubernetes Instance Calculator
Visualize Kubernetes cost calculations in an interactive way.   #build   #kubernetes


Azure-Pentest
A collection of resources and notes useful for pentest and red team engagements against Azure.   #attack   #azure


Elastic on Elastic: Deep dive into our SIEM architecture
A deep dive into Elastic Infosec team's architecture, the many sources of data collected for security uses, how and why cross-cluster search is used, and how to configure Elastic Security and machine learning to work with cross-cluster search.   #elastic   #monitor


Automate Consul Agent Security with Auto-Config
Auto-Config is a highly scalable method to distribute secure properties and other configuration settings to all Consul agents in a datacenter.   #build   #hashicorp


Managing Kubernetes seccomp profiles with security profiles operator
Post covering the features of the security profile operator and how to use it.   #explain   #kubernetes


Automation Assistants: Gitops Tools In Comparison
If you want to switch from classic CI/CD environments to GitOps, then you can choose from any of a large number of available tools. However, it is not always easy to tell which features they support and how suitable they are for your project at first glance. This article provides help in making a decision.   #build   #kubernetes


Learn how to manage apps across private Kubernetes clusters
How to apply GitOps on multiple private Kubernetes clusters with a single Argo CD installation.   #build   #kubernetes

Sponsor CloudSecList

If you want to get your product or job ad in front of thousands of security professionals, ranging from engineers to CISOs and VCs, at companies ranging from small start-ups to Fortune500 and FAANG, you can reach out at
📨 [email protected] 📨

Tools


go-discover
go-discover is a Go (golang) library and command line tool to discover IP addresses of nodes in cloud environments based on meta information like tags provided by the environment.


AWS Security Hub Automated Response and Remediation
An add-on solution that works with AWS Security Hub to provide a ready-to-deploy architecture and a library of automated playbooks.


buildkit-cli-for-kubectl
A tool for building container images within your Kubernetes cluster.


kube-spawn
A tool for creating multi-node Kubernetes clusters on a Linux machine using kubeadm & systemd-nspawn.

CloudSecDocs


Building an AWS Perimeter
Just added a page to CloudSecDocs providing a summary of the "Building an AWS Perimeter Whitepaper" released in July 2021.

From the cloud providers


#AWS   Visualize AWS Security Hub Findings using Analytics and Business Intelligence Tools
Two architecture design options, which collect Security Hub findings across Regions. You can make these findings searchable, and build multiple visualization dashboards using analytics and BI Tools in order to gain insights.


#AWS   Top 10 security best practices for securing data in Amazon S3
Post reviewing the latest S3 features and AWS services that you can use to help secure your data in S3, including organization-wide preventative controls such as SCPs.


#AWS   How to improve visibility into AWS WAF with anomaly detection
How to automatically detect anomalies in the AWS WAF metrics to improve your visibility into AWS WAF activity, identify malicious activity, and simplify your investigations.


#AWS   Ensure Workload Resiliency and Comply with Data Residency Requirements with AWS Outposts
How to set up a modified multi-Region DR strategy that uses one Region and AWS Outposts to ensure the resiliency of your workload and address data residency requirements.


#GCP   What is Network Intelligence Center?
Currently Network Intelligence Center has four modules: Network Topology, Connectivity Tests, Performance Dashboard, and Firewall Insights.


#GCP   GCP CA Service: A practical demo on how to get started!
Post going over GCP's new CA Service in a practical way by using infrastructure as code to deploy a demo.


#GCP   Using GCP Cloud Asset Inventory Export to keep track of your GCP resources over time
Google Cloud Asset Inventory is a service that allows you to view, monitor, and analyse your GCP assets, giving you the option to export a snapshot of your entire inventory at any point in time.


#AZURE   Best practices for cluster isolation in Azure Kubernetes Service
Learn the cluster operator best practices for isolation in Azure Kubernetes Service (AKS).


#AZURE   Check the health of your exported Azure Sentinel logs in your ADX cluster
The ADX Health Playbook compares the number of logs in your Azure Sentinel tables and ADX tables periodically and sends you a warning via email if it detects a difference in the number of logs that may require your attention.


#AZURE   Introducing: Azure Sentinel Data Exploration Toolset (ASDET)
ASDET provides a security analyst with a complete set of tools to explore any security log dataset programmatically instead of manually.


#AZURE   Alert enrichment: how to reduce incident triage and investigation times using dynamic alert details
Post exploring the new "Alert enrichment" in Azure Sentinel Analytics and giving a deep dive into the "Alert details" dynamic content ability.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
© 2019-present CloudSecList · Marco Lancini