Release Date: 10/10/2021 | Issue: 108
Know someone who'd find this useful? Forward this email
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

How to use Defender for Endpoint to investigate ransomware attacks
Defender for Endpoint is one of the best EDR tools on the market. But do you know all of the ways you can optimize it? Find out how Expel's analysts use Defender for Endpoint to quickly identify a compromise and provide detailed remediation recommendations.
Get the webcast on-demand here.

This week's articles


Falco Hands-on Labs
Learn and practice with Falco in your Browser.   #explain   #falco   #kubernetes


Serverless Policy Enforcement: Connecting OPA and AWS Lambda
Recent updates to the project aim to better integrate OPA with serverless architectures and other infrastructure with intermittent compute.   #aws   #build   #opa


Protect Your GitHub Actions with Semgrep
What can happen (secrets stolen, repo backdoored), and how to protect yourself with open source Semgrep rules.   #ci/cd   #defend


Org Policies by default
An opinionated list of common organization policies you should use in Google Cloud.   #build   #defend   #gcp


Azure Security Roadmap
What do you do when you're handed a pile of new-to-you Azure accounts to secure?   #azure   #defend


Scaling Kubernetes Tenant Management with Hierarchical Namespaces Controller
Post explaining details of Mercari's multitenant Kubernetes architecture, and the issues they faced while migrating from on-premise deployments to containers on GCP by using Google Kubernetes Engine (GKE).   #build   #gcp   #gke


Azure Service Authentication and Authorization table
A table for reviewing service authentication and authorization security in Azure, especially cross-service security.   #azure   #explain   #iam


Encryption with Transit Data Keys
How to use an external, high-entropy data key generated with the HashiCorp Vault Transit secrets engine.   #build   #vault


How to Setup Role Based Access (RBAC) to Kubernetes Cluster
How to set up role-based access control in Kubernetes, so as to restrict access to valuable resources based on the role the user holds.   #iam   #kubernetes
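An added example to go with the RBAC article above (this is not code from the linked post or from Kubernetes itself): an offline model of how the API server answers `kubectl auth can-i`. The Role, ClusterRole, RoleBinding and ClusterRoleBinding objects are constructed sample manifests, and the evaluator implements the documented RBAC semantics that the article relies on: rules are purely additive (there is no deny), a RoleBinding only grants inside its own namespace even when it references a ClusterRole, and a ClusterRoleBinding grants in every namespace. Subject and rule matching follow the documented fields (`kind`/`name`, plus `namespace` for ServiceAccounts; `apiGroups`/`resources`/`verbs` with `*` as the wildcard).

```python
"""Offline model of Kubernetes RBAC evaluation (added example, constructed sample objects)."""

# Constructed manifests: a read-only Role scoped to one namespace and a
# cluster-wide secrets reader. Keys are (kind, namespace, name); ClusterRoles
# are cluster-scoped, so their namespace is None.
ROLES = {
    ("Role", "payments", "pod-reader"): [
        {"apiGroups": [""], "resources": ["pods", "pods/log"], "verbs": ["get", "list", "watch"]},
    ],
    ("ClusterRole", None, "secret-reader"): [
        {"apiGroups": [""], "resources": ["secrets"], "verbs": ["get"]},
    ],
}

BINDINGS = [
    # RoleBinding: alice gets pod-reader, but only inside "payments".
    {"kind": "RoleBinding", "namespace": "payments",
     "roleRef": {"kind": "Role", "name": "pod-reader"},
     "subjects": [{"kind": "User", "name": "alice"}]},
    # ClusterRoleBinding: the CI service account can read Secrets in every namespace.
    {"kind": "ClusterRoleBinding", "namespace": None,
     "roleRef": {"kind": "ClusterRole", "name": "secret-reader"},
     "subjects": [{"kind": "ServiceAccount", "name": "ci", "namespace": "build"}]},
]


def _subject_matches(subject, entry):
    """User/Group match on kind+name; ServiceAccount additionally on namespace."""
    if subject["kind"] != entry["kind"] or subject["name"] != entry["name"]:
        return False
    if subject["kind"] == "ServiceAccount":
        return subject.get("namespace") == entry.get("namespace")
    return True


def _rule_allows(rule, verb, api_group, resource):
    """A rule matches when apiGroup, verb and resource are each listed or wildcarded.
    Subresources are written as "pods/log" and must be granted explicitly (or via "*")."""
    def hit(allowed, wanted):
        return "*" in allowed or wanted in allowed
    return (hit(rule["apiGroups"], api_group)
            and hit(rule["verbs"], verb)
            and hit(rule["resources"], resource))


def can_i(subject, verb, resource, namespace, api_group="", roles=ROLES, bindings=BINDINGS):
    """Return True if any binding grants `verb` on `resource` in `namespace`.
    RBAC is additive: the first matching rule allows, and nothing can deny."""
    for binding in bindings:
        if not any(_subject_matches(subject, s) for s in binding["subjects"]):
            continue
        # A RoleBinding only grants inside its own namespace, whichever kind of role it references.
        if binding["kind"] == "RoleBinding" and binding["namespace"] != namespace:
            continue
        ref = binding["roleRef"]
        role_ns = binding["namespace"] if ref["kind"] == "Role" else None
        for rule in roles.get((ref["kind"], role_ns, ref["name"]), []):
            if _rule_allows(rule, verb, api_group, resource):
                return True
    return False


if __name__ == "__main__":
    alice = {"kind": "User", "name": "alice"}
    ci = {"kind": "ServiceAccount", "name": "ci", "namespace": "build"}
    print("alice get pods in payments:", can_i(alice, "get", "pods", "payments"))        # True
    print("alice get pods in default: ", can_i(alice, "get", "pods", "default"))         # False
    print("alice delete pods:         ", can_i(alice, "delete", "pods", "payments"))     # False
    print("ci get secrets in default: ", can_i(ci, "get", "secrets", "default"))         # True
    print("alice get secrets:         ", can_i(alice, "get", "secrets", "payments"))     # False
```

The useful habit this models: before granting a ClusterRole with a ClusterRoleBinding, ask whether a RoleBinding in the one namespace that needs it would do, since the former silently applies to every namespace that will ever exist in the cluster.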

Tools


rbac-tool
Kubernetes RBAC Power Toys - Visualize, Analyze, Generate & Query.


damon
A terminal UI (TUI) for HashiCorp Nomad.


cfn-diagram
CLI tool to visualise CloudFormation/SAM/CDK stacks as visjs networks or draw.io diagrams.


cartographer
Cartographer is a Kubernetes native Choreographer. It allows users to configure K8s resources into re-usable Supply Chains that can be used to define all of the stages that an Application Workload must go through to get to an environment.

CloudSecDocs


Inherited AWS Account
A summary of So You Inherited an AWS Account: Many engineers have found themselves in the unenviable position of being handed the keys to an AWS environment with absolutely no explanation of its contents, documentation, or training.

From the cloud providers


#AWS   Security features of Bottlerocket, an open source Linux-based operating system
Bottlerocket is an open source Linux-based operating system from Amazon that was purpose built for running containers with a strong emphasis on security. The result is an operating system that comes with a variety of built-in controls for creating a secure environment for running containerized workloads.


#AWS   AWS Backup Audit Manager adds compliance reports
AWS Backup Audit Manager now allows you to generate reports to track the compliance of your defined data protection policies in AWS Backup.


#AWS   AWS Firewall Manager now supports centralized logging of AWS Network Firewall logs
AWS Firewall Manager now enables you to configure logging for your AWS Network Firewalls provisioned using a Firewall Manager policy.


#AWS   Introducing the Ransomware Risk Management on AWS Whitepaper
AWS recently released the Ransomware Risk Management on AWS Using the NIST Cyber Security Framework (CSF) whitepaper. It maps the National Institute of Standards and Technology (NIST) recommendations for security controls related to ransomware risk management onto workloads built on AWS.


#AWS   How to set up a two-way integration between AWS Security Hub and Jira Service Management
If you use both AWS Security Hub and Jira Service Management, you can use the new AWS Service Management Connector for Jira Service Management to create an automated, bidirectional integration between these two products that keeps your Security Hub findings and Jira issues in sync.


#GCP   Built-in transparency, automation, and interoperability for Cloud KMS
New features bring increased transparency, improved interoperability, and greater automation to Google Cloud KMS.


#GCP   Protect your apps from bots with Cloud Armor and reCAPTCHA Enterprise
Google announced the public preview of Cloud Armor bot management with reCAPTCHA Enterprise. This new set of capabilities is centered around a new deep integration between reCAPTCHA Enterprise and Cloud Armor.


#GCP   Better Kubernetes application monitoring with GKE workload metrics
Google announced a new capability that makes it easier than ever to monitor your Google Kubernetes Engine (GKE) deployments: GKE workload metrics.


#GCP   New data sovereignty controls for EU customers
New sovereign controls can help Cloud customers in the EU meet digital sovereignty requirements.


#AZURE   The Azure Sentinel Anomalies Simulator
Microsoft announced the "Unusual Mass Downgrade AIP Label" anomaly simulator, the first in a series of simulators for Azure Sentinel Anomalies.


#AZURE   Advancing reliability through a resilient cloud supply chain
How Microsoft is handling supply chain disruptions.


#AZURE   Streamline your DDoS management with new Azure Firewall Manager capabilities
Azure DDoS Protection Standard provides enhanced DDoS mitigation features to defend against DDoS attacks. It is automatically tuned to protect all public IP addresses in virtual networks.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco


© 2019-present CloudSecList · Marco Lancini