CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor
Cloud Security Autopilot Securing the cloud isn't easy, regardless of your team's size. It's not enough to just detect issues - they need to be investigated, context of environment understood, and then fixed. Imagine if you could secure your cloud automatically. ARGOS finds, investigates and fixes cloud vulnerabilities - automatically, with safe rollback. We automated the most common security checks, so you don't have to. Visualise exploitable issues with context - view the entire kill chain. Say good-bye to tedious and soul-sucking analysis - connect your cloud environment in minutes with a free 14-day trial.
How to build the sigstore stack (cosign, rekor, fulcio) on your machine and use it to sign and verify container signatures without ever leaving localhost.
AWS IAM actions autocomplete, documentation and wildcard resolution for Visual Studio Code.
Sponsor CloudSecList
If you want to get your product or job ad in front of thousands of security professionals, ranging from engineers to CISOs and VCs, at companies ranging from small start-ups to Fortune500 and FAANG, you can reach out at 📨 [email protected] 📨
Learn fundamental AWS cloud security concepts, including AWS access control, data encryption methods, and how network access to your AWS infrastructure can be secured.
Step-by-step guidance for setting up JWT authorizers using Amazon Cognito as the identity provider, configuring HTTP APIs to use JWT authorizers, and examples to test the entire setup.
You can use Access Analyzer for S3 to identify S3 buckets within your zone of trust (Account or Organization) that are shared with external identities.
