Release Date: 17/07/2022 | Issue: 146
Know someone who'd find this useful? Forward this email
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

Vanta’s State of Startup Security Report
Vanta asked startups to honestly answer questions about their security posture, planning, and prioritization. Over 500 people took part in our survey and we’re sharing the results.
Learn more today!

This week's articles


MITRE ATT&CK Matrix for Kubernetes: Tactics & Techniques Part 1
Learn about the first four threat vectors in Kubernetes: initial access, execution, persistence, and privilege escalation.   #attack   #explain   #kubernetes


Awesome Cloud Native Trainings
All the free trainings (with and without certificates) released from different companies supporting CNCF Projects and Kubernetes.   #explain


Cloud design patterns
Design patterns for building reliable, scalable, secure applications in the cloud by walking through examples based on Microsoft Azure.   #azure   #build


Transparently Immutable Tags using Sigstore's Rekor
A nice approach to verifying container image (im)mutability using a transparency log, which allows to verify if a tag has changed since the last time it was seen.   #containers   #defend


How attackers use exposed Prometheus server to exploit Kubernetes clusters
More ways to compromise Kubernetes via a publicly exposed service. This time it's Prometheus.   #attack   #kubernetes


How to think about threat detection in the cloud
Detecting cybersecurity threats in the cloud is different from on-premises. Here's why.   #gcp   #monitor


Exploiting Authentication in AWS IAM Authenticator for Kubernetes
This blog post explains three vulnerabilities detected in the AWS IAM Authenticator where all of them were caused by the same code line.   #attack   #aws


A Practical Guide to Capturing Production Traffic with eBPF
This blog explores the main concepts behind eBPF technology and provides step by step instructions on how to build your own eBPF-based traffic capturing tool.   #explain   #monitor


Datadog Security Labs
Datadog announced the "Datadog Security Labs", a new dedicated place for their security research content. It will host the release of new open source tools, research projects, emerging threat reports, deep dives, telemetry studies, and more.   #announcement

Sponsor

How to secure Kubernetes deployment with signature verification
When running containers in a Kubernetes cluster, trusting the images you deploy is key to enforce security. The use of mutable images represents a risk to the secure Kubernetes deployment. Read this blog to learn step-by-step how to implement a secure Kubernetes deployment.
Learn More

Tools


openrolesanywhere
Open-source proof-of-concept client for AWS IAM Roles Anywhere.


dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.


gitleaks-action
Gitleaks is a SAST tool for detecting and preventing hardcoded secrets like passwords, api keys, and tokens in git repos.

CloudSecDocs


SLSA
A cheatsheet around SLSA, explaining threats, levels, requirements, and implementations.

From the cloud providers


#AWS   Amazon GuardDuty introduces new capabilities to detect malicious access to data stored in S3 buckets
GuardDuty introduces new machine learning capabilities that can more accurately identify malicious activity associated with known attack tactics, including the following: Data discovery, Tampering, Exfiltration.


#AWS   Eligible customers can now order a free MFA security key
AWS will now send you an MFA key to help secure your account.


#AWS   Automated Forensics Orchestrator for Amazon EC2
Self-service solution to capture and examine data from EC2 instances and attached volumes for forensic analysis in the event of a potential security breach.


#GCP   Introducing Batch, a new managed service for scheduling batch jobs at any scale
The new Batch managed service manages job queues, provisions and autoscales resources, runs jobs, executes subtasks, and deals with common errors.


#GCP   Invest early, save later: Why shifting security left helps your bottom line
By "shifting left", identifying cloud-related misconfigurations earlier, organizations can improve the quality of their products and lower their security costs.


#GCP   Security Monitoring in Google Cloud
Moving to the cloud comes with the fundamental question of how to effectively manage security and risk posture. From a Security Operations (SecOps) perspective, there are few core requirements that you may need for effective security and risk management in the cloud. Here are four big ones that are essential for SecOps.


#AZURE   Introducing the Azure Developer CLI (azd): A faster way to build apps for the cloud
The Azure Developer CLI provides developer-friendly commands that map to key stages in your workflow: code, build, deploy, monitor, repeat.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
Forward Forward
Twitter Tweet
Share Share

How did you like this issue of CloudSecList?

1       2       3       4       5

Archives View in browser Sponsorship
© 2019-present CloudSecList · Marco Lancini