Release Date: 19/12/2021 | Issue: 118
The Cloud Security Reading List is a low volume newsletter (delivered once per week) that highlights security-related news focused on the cloud native landscape, hand curated by Marco Lancini.
🎄 Holiday Break 🎄
After this issue, I will probably take a couple weeks off to disconnect and recharge. CloudSecList will return in January!
Sponsor

Penetration testing software
Faraday lets you automate every phase of your vulnerability management process. It integrates more than 80 scanning tools and automatically deduplicates repeated findings. From a single dashboard you can tag and prioritize vulnerabilities, automate repetitive tasks with agents and pipelines, and push security issues to your preferred workflow management tool. The new version is cloud-based, so you can get started right away.
Scale your security team with Faraday.

This week's articles


How eBPF will solve Service Mesh - Goodbye Sidecars
#design, #monitor
How we can build an eBPF-based service mesh in the kernel to replace the complex sidecar model.


Cloud Security Remediation Guides
#aws, #azure, #defend, #gcp
CloudSploit's remediation guides are intended to be an open-source resource for improving cloud security. Many cloud IaaS providers like AWS, Azure, and Google Cloud have a shared responsibility model. They provide the physical and architectural security, along with tools to properly secure the services they offer, but it is up to the user to configure those settings properly.


Getting started with runtime security and Falco
#explain, #falco
How to get started with Falco to overcome the challenges of implementing runtime security for cloud-native workloads.


Determining AWS IAM Policies According To Terraform And AWS CLI
#aws, #explain, #iam
The process of granting the least privileges required to execute "aws s3 ls" and "terraform apply" by a CI/CD runner.
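The approach the article describes, deriving the runner's permissions from what it actually calls, as an added example that is not code from the article: it reads CloudTrail records (constructed samples below, trimmed to the fields the code uses), keeps the calls made under a hypothetical `ci-runner` role, maps each `(eventSource, eventName)` pair to an IAM action and emits a policy document. The mapping is mechanical except for a small override table, because CloudTrail logs the API name and for a few S3 APIs that differs from the IAM action: `aws s3 ls` calls `ListBuckets`, which needs `s3:ListAllMyBuckets`, while `aws s3 ls s3://bucket` calls `ListObjects`, which needs `s3:ListBucket`.

```python
"""Derive a least-privilege IAM policy from the API calls a CI runner actually made.

Added example, not code from the linked article. Account id, role name and the
CloudTrail records below are constructed placeholders.
"""
import json

# Hypothetical CI/CD runner role (assumption for the sample data).
RUNNER_ROLE_ARN = "arn:aws:iam::123456789012:role/ci-runner"

# CloudTrail eventName -> IAM action where the two are not the same string.
ACTION_OVERRIDES = {
    ("s3.amazonaws.com", "ListBuckets"): "s3:ListAllMyBuckets",
    ("s3.amazonaws.com", "ListObjects"): "s3:ListBucket",
    ("s3.amazonaws.com", "ListObjectsV2"): "s3:ListBucket",
    ("s3.amazonaws.com", "HeadBucket"): "s3:ListBucket",
}


def iam_action(event_source: str, event_name: str) -> str:
    """Map a CloudTrail (eventSource, eventName) pair to an IAM action."""
    override = ACTION_OVERRIDES.get((event_source, event_name))
    if override:
        return override
    return f"{event_source.split('.')[0]}:{event_name}"


def observed_permissions(records, role_arn: str) -> dict:
    """Return {iam_action: set(resource ARNs)} for calls made under role_arn.

    Failed calls (errorCode set, e.g. AccessDenied) are kept on purpose: when
    tightening a policy iteratively they are exactly the permissions that are
    still missing.
    """
    perms = {}
    for rec in records:
        issuer = (rec.get("userIdentity", {})
                     .get("sessionContext", {})
                     .get("sessionIssuer", {}))
        if issuer.get("arn") != role_arn:
            continue
        action = iam_action(rec["eventSource"], rec["eventName"])
        arns = {r["ARN"] for r in rec.get("resources", []) if "ARN" in r}
        perms.setdefault(action, set()).update(arns)
    return perms


def build_policy(perms: dict) -> dict:
    """Group actions by the resources they were seen on; no ARN in the record means '*'."""
    grouped = {}
    for action, arns in perms.items():
        key = tuple(sorted(arns)) or ("*",)
        grouped.setdefault(key, []).append(action)
    statements = [
        {"Effect": "Allow", "Action": sorted(actions), "Resource": list(key)}
        for key, actions in sorted(grouped.items())
    ]
    return {"Version": "2012-10-17", "Statement": statements}


def _runner_identity():
    # Shape of userIdentity for an assumed role in CloudTrail.
    return {"type": "AssumedRole",
            "sessionContext": {"sessionIssuer": {"arn": RUNNER_ROLE_ARN}}}


# Constructed sample records, trimmed to the fields the code reads.
SAMPLE_RECORDS = [
    # "aws s3 ls" with no bucket: ListBuckets API, IAM action s3:ListAllMyBuckets.
    {"eventSource": "s3.amazonaws.com", "eventName": "ListBuckets",
     "userIdentity": _runner_identity(), "resources": []},
    # "aws s3 ls s3://ci-artifacts": ListObjects data event, IAM action s3:ListBucket.
    {"eventSource": "s3.amazonaws.com", "eventName": "ListObjects",
     "userIdentity": _runner_identity(),
     "resources": [{"type": "AWS::S3::Bucket", "ARN": "arn:aws:s3:::ci-artifacts"}]},
    # "terraform apply" creating a bucket.
    {"eventSource": "s3.amazonaws.com", "eventName": "CreateBucket",
     "userIdentity": _runner_identity(),
     "resources": [{"type": "AWS::S3::Bucket", "ARN": "arn:aws:s3:::tf-state-demo"}]},
    {"eventSource": "sts.amazonaws.com", "eventName": "GetCallerIdentity",
     "userIdentity": _runner_identity()},
    # Attempted but denied: still a permission the runner needs.
    {"eventSource": "ec2.amazonaws.com", "eventName": "DescribeInstances",
     "errorCode": "Client.UnauthorizedOperation", "userIdentity": _runner_identity()},
    # A developer's call in the same trail, filtered out by role.
    {"eventSource": "iam.amazonaws.com", "eventName": "ListUsers",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::123456789012:user/alice"}},
]

if __name__ == "__main__":
    policy = build_policy(observed_permissions(SAMPLE_RECORDS, RUNNER_ROLE_ARN))
    print(json.dumps(policy, indent=2))
```

Two caveats when using the output: CloudTrail only fills `resources` for some services and event types, so actions that land on `"*"` need a manual pass (`s3:ListAllMyBuckets` and `ec2:DescribeInstances` genuinely need `*`, most write actions do not), and the policy only covers the code paths the runner exercised while the trail was collected, so run the pipeline through its full set of branches before trusting it.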


Istio OIDC Authentication
#build, #istio
How Istio can be configured to manage the OpenID Connect (OIDC) authentication flow for applications running within the mesh to allow both authentication and authorisation decisions to be offloaded to Istio.


(Typical) journey towards full GitOps
#build
Post describing a typical journey towards GitOps with Flux.


Evadere Classifications
#monitor
Deep dive into the different types of evasion and bypasses an adversary will use during an attack chain.

Tools


cf-terraforming
Command line utility to facilitate terraforming your existing Cloudflare resources.


aws-cdk-github-oidc
CDK constructs to use OpenID Connect for authenticating your GitHub Actions workflow with AWS IAM.
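The check a practitioner wants on any role created for this flow, as an added example that is not code from aws-cdk-github-oidc: a trust policy that pins only the `aud` claim is satisfied by a token from every repository on GitHub, so the `sub` claim must also be restricted to the repository (and ideally the branch or environment) allowed to assume the role. The linter below flags that, along with a missing `aud` pin or a wildcard placed inside the repository part of `sub`. The account id and repository name in the sample policies are placeholders.

```python
"""Check an IAM role trust policy meant for GitHub Actions OIDC federation.

Added example, not code from aws-cdk-github-oidc. The sample policies are
constructed; account id and repository are placeholders.
"""

GITHUB_OIDC_HOST = "token.actions.githubusercontent.com"
AUD_KEY = f"{GITHUB_OIDC_HOST}:aud"
SUB_KEY = f"{GITHUB_OIDC_HOST}:sub"


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _conditions(stmt: dict) -> dict:
    """Flatten {operator: {key: values}} into {key: [(operator, [values])]}."""
    flat = {}
    for op, pairs in stmt.get("Condition", {}).items():
        for key, vals in pairs.items():
            flat.setdefault(key, []).append((op, _as_list(vals)))
    return flat


def sub_is_scoped(op: str, pattern: str, repo: str) -> bool:
    """True when a sub pattern can only match tokens issued to `repo`.

    GitHub's sub claim looks like "repo:<owner>/<name>:<ref or environment>".
    Requiring the literal prefix "repo:<owner>/<name>:" means a StringLike
    wildcard may only appear after the repository, so "repo:org/app:*" passes
    while "repo:org/*" and "repo:org/app*" (which also matches "app-evil") fail.
    """
    if op not in ("StringEquals", "StringLike"):
        return False
    return pattern.startswith(f"repo:{repo}:")


def trust_policy_findings(policy: dict, repo: str) -> list:
    """Return findings for every Allow statement granting AssumeRoleWithWebIdentity."""
    findings = []
    for i, stmt in enumerate(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        if "sts:AssumeRoleWithWebIdentity" not in _as_list(stmt.get("Action", [])):
            continue
        federated = str(stmt.get("Principal", {}).get("Federated", ""))
        if not federated.endswith(f":oidc-provider/{GITHUB_OIDC_HOST}"):
            findings.append(f"statement {i}: Federated principal is not the GitHub OIDC provider")
        conds = _conditions(stmt)
        aud_ok = any(op == "StringEquals" and vals == ["sts.amazonaws.com"]
                     for op, vals in conds.get(AUD_KEY, []))
        if not aud_ok:
            findings.append(f"statement {i}: aud is not pinned to sts.amazonaws.com with StringEquals")
        subs = conds.get(SUB_KEY, [])
        if not subs:
            findings.append(f"statement {i}: no sub condition, any GitHub repository can assume this role")
        for op, vals in subs:
            for pattern in vals:
                if not sub_is_scoped(op, pattern, repo):
                    findings.append(f"statement {i}: sub pattern {pattern!r} ({op}) is not limited to repo:{repo}")
    return findings


def _policy(conditions: dict) -> dict:
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Principal": {"Federated": f"arn:aws:iam::123456789012:oidc-provider/{GITHUB_OIDC_HOST}"},
        "Action": "sts:AssumeRoleWithWebIdentity",
        "Condition": conditions,
    }]}


REPO = "example-org/example-app"  # placeholder repository

# aud only: a token from any repository on GitHub is accepted.
WEAK_POLICY = _policy({"StringEquals": {AUD_KEY: "sts.amazonaws.com"}})

# Wildcard inside the repository part of sub: every repo in the org qualifies.
ORG_WIDE_POLICY = _policy({
    "StringEquals": {AUD_KEY: "sts.amazonaws.com"},
    "StringLike": {SUB_KEY: "repo:example-org/*"},
})

# sub pinned to one branch of one repository.
HARDENED_POLICY = _policy({
    "StringEquals": {AUD_KEY: "sts.amazonaws.com",
                     SUB_KEY: f"repo:{REPO}:ref:refs/heads/main"},
})

if __name__ == "__main__":
    for name, pol in [("weak", WEAK_POLICY), ("org-wide", ORG_WIDE_POLICY), ("hardened", HARDENED_POLICY)]:
        print(name, trust_policy_findings(pol, REPO) or ["ok"])
```

`sts.amazonaws.com` is the audience the official `aws-actions/configure-aws-credentials` action requests by default; if a workflow asks for a different audience, pin that value instead rather than dropping the `aud` check.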


cdk-dia
Automated diagrams of CDK provisioned infrastructure.


magtape
MagTape is a Policy-as-Code tool for Kubernetes that allows for evaluating Kubernetes resources against a set of defined policies to inform and enforce best practice configurations.

Sponsor

If you want to get your product or job ad in front of thousands of security professionals, ranging from engineers to CISOs and VCs, at companies ranging from small start-ups to Fortune500 and FAANG, you can reach out at
📨 [email protected] 📨

From the cloud providers


AWS: Using CloudTrail to identify unexpected behaviors in individual workloads
A practical approach that you can use to detect anomalous behaviors within AWS workloads by using behavioral analysis techniques that can be used to augment existing threat detection solutions.


AWS: Using AWS security services to protect against, detect, and respond to the Log4j vulnerability
Post providing guidance to help customers who are responding to the recently disclosed log4j vulnerability.


AWS: Modernize your Penetration Testing Architecture on AWS Fargate
How you can use modern cloud technologies to build a scalable penetration testing platform, with no infrastructure to manage.


GCP: Investigating the usage of GCP Service Accounts
Three GCP services that help you investigate Google Cloud service account usage and avoid unintended consequences during key rotation.


GCP: Continuous Compliance Engineering GCP case studies
Three worked examples of GCP controls frameworks for regulated financial services (FSI) customers, to help maintain security and compliance postures.


Azure: Ratify container supply chain in Kubernetes
Ratify is a container image and artifacts verification framework to approve deployments in Kubernetes. Ratify can use and coordinate any number of custom verifiers based on policy including signatures, SBOMs, and scan results.

Thanks for reading!

If you found this newsletter useful and interesting, and know other people who would too, I'd really appreciate if you'd forward it to them 🙏

If you have questions, comments, or feedback, just reply to this email or let me know on Twitter @lancinimarco!

Thanks,
Marco
© 2019-present
The Cloud Security Reading List by SecurityBite LTD.