Release Date: 10/11/2019 | Issue: 11
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.


This week's articles


Helm Security Audit Results
As part of the graduation criteria for CNCF projects, Helm 3 has successfully completed its security audit, available in the Helm community repo. In summary, there was only one noteworthy finding and it did not lead to an exploit.


Multi-Account Log Aggregation in AWS for Observability and Operations
Two-part series which reviews the basic concepts and discusses different ways of aggregating logs from AWS. Part 1 focuses on forwarding logs to a centralised account, whereas Part 2 covers the actual implementation steps.


Designing Docker Hub Two-Factor Authentication
Docker Hub has finally gotten 2FA to stop container takeover.


Kubernetes kube-proxy iptables rules
Tim Hockin (@thockin) released a thorough flowchart describing how the kube-proxy iptables rules work.


Kubernetes Patterns Book
The full copy (all 266 pages) of 'Kubernetes Patterns' e-book is available for free!


Amazon CloudWatch launches cross-account cross-region dashboards
Amazon CloudWatch now includes cross-account cross-region dashboards, which enable you to create high level operational dashboards, and with one click, drill down into more specific dashboards in different AWS accounts without having to log in and out of different accounts or switch AWS Regions. It is intended for centralized operations teams, DevOps engineers, and service owners who need to monitor, troubleshoot, and analyze applications running in multiple regions and accounts.


tracee - Container tracing using eBPF
The Aqua Security team released tracee, a lightweight, easy to use container tracing tool. After launching the tool, it will start collecting traces of newly created containers. The collected traces are mostly system calls performed by the processes running inside the containers, but other events, such as capabilities required to perform the actions requested by the container, are also supported.


tough
I'm aware that, sadly, not many people are familiar with (or even aware of!) The Update Framework (TUF). That's why I'm happy to see that AWS has released Rust libraries and tools for using and generating TUF repositories.


Thanks for reading!

If you found this newsletter helpful, I'd really appreciate it if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco

© 2019-present, CloudSecList by Marco Lancini.