Release Date: 19/12/2021 | Issue: 118
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.

If you received it, you either subscribed or someone forwarded it to you. If you fit in the latter camp and want to subscribe, then you can click on this button:
🎄 Holiday Break 🎄
After this issue, I will probably take a couple of weeks off to disconnect and recharge. CloudSecList will return in January!

Penetration testing software
Faraday allows you to automate every phase of your vulnerability management ecosystem. Now it is smoother than ever before. Our software integrates more than 80 scanning tools and automatically deduplicates repeated issues. From an elegant dashboard, tag and prioritize your vulnerabilities with ease. Automate repetitive tasks with agents and pipelines, and integrate security issues with your preferred workflow management tool. Our new version is cloud-based, which means you can get started right now, as quickly as your vulnerability management needs require.
Scale your security team with Faraday.

This week's articles

How eBPF will solve Service Mesh - Goodbye Sidecars   #design, #monitor
How we can build an eBPF-based service mesh in the kernel to replace the complex sidecar model.

Cloud Security Remediation Guides   #aws, #azure, #defend, #gcp
CloudSploit's remediation guides are intended to be an open-source resource for improving cloud security. Many cloud IaaS providers like AWS, Azure, and Google Cloud have a shared responsibility model. They provide the physical and architectural security, along with tools to properly secure the services they offer, but it is up to the user to configure those settings properly.

Getting started with runtime security and Falco   #explain, #falco
How to get started with Falco to overcome the challenges of implementing runtime security for cloud-native workloads.

Determining AWS IAM Policies According To Terraform And AWS CLI   #aws, #explain, #iam
The process of granting the least privileges required to execute "aws s3 ls" and "terraform apply" by a CI/CD runner.

Istio OIDC Authentication   #build, #istio
How Istio can be configured to manage the OpenID Connect (OIDC) authentication flow for applications running within the mesh to allow both authentication and authorisation decisions to be offloaded to Istio.

(Typical) journey towards full GitOps   #build
Post describing a typical journey towards GitOps with Flux.

Evadere Classifications   #monitor
Deep dive into the different types of evasion and bypasses an adversary will use during an attack chain.


Command line utility to facilitate terraforming your existing Cloudflare resources.

CDK constructs to use OpenID Connect for authenticating your Github Action workflow with AWS IAM.

Automated diagrams of CDK provisioned infrastructure.

MagTape is a Policy-as-Code tool for Kubernetes that allows for evaluating Kubernetes resources against a set of defined policies to inform and enforce best practice configurations.

Sponsor CloudSecList

If you want to get your product or job ad in front of thousands of security professionals, ranging from engineers to CISOs and VCs, at companies ranging from small start-ups to Fortune500 and FAANG, you can reach out at
📨 [email protected] 📨

From the cloud providers

AWS: Using CloudTrail to identify unexpected behaviors in individual workloads
A practical approach that you can use to detect anomalous behaviors within AWS workloads by using behavioral analysis techniques that can be used to augment existing threat detection solutions.

AWS: Using AWS security services to protect against, detect, and respond to the Log4j vulnerability
Post providing guidance to help customers who are responding to the recently disclosed log4j vulnerability.

AWS: Modernize your Penetration Testing Architecture on AWS Fargate
How you can use modern cloud technologies to build a scalable penetration testing platform, with no infrastructure to manage.

GCP: Investigating the usage of GCP Service Accounts
Three GCP services to help you to investigate Google Cloud Service Account usage and mitigate against unintended consequences during key rotation.

GCP: Continuous Compliance Engineering GCP case studies
Three real GCP controls framework technical examples for regulated FSI Google Cloud customers to help maintain security and compliance postures.

Azure: Ratify container supply chain in Kubernetes
Ratify is a container image and artifacts verification framework to approve deployments in Kubernetes. Ratify can use and coordinate any number of custom verifiers based on policy including signatures, SBOMs, and scan results.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate it if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at!



© 2019-present, CloudSecList by Marco Lancini.