Release Date: 04/09/2022 | Issue: 153
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

Understanding the Five Fundamentals of Cloud Security
The cloud attack surface is changing, and so are the attack patterns used to exploit it. Cloud environments increasingly leverage cloud native architectures and complex use of IAM, and they can't be secured with yesterday's tools and methods.
Download this free white paper on The 5 Fundamentals of Cloud Security - a comprehensive guide for formulating cloud security strategies with recommendations such as:
  • Environment Knowledge: 3 Cloud Security Recommendations
  • Prevention: Resource Mapping, IAM Settings, and guardrails
Check it out now!

This week's articles


Incident Response in AWS
Post intended to help those already familiar with the principles of Incident Response to understand what to do when the incident involves the AWS Control Plane.   #defend   #explain   #monitor


Implementing Quarantine Pattern for Container Images
Post describing some ways to implement a quarantine pattern for container images or other artifacts stored in OCI registries.   #containers   #defend


AWS IAM Interview Questions
Some AWS IAM interview questions to help understand how much an engineer might know about AWS IAM, and how to apply it.   #aws   #explain


Refresh Secrets for Kubernetes Applications with Vault Agent
Post describing the system signal and live reload methods for updating Kubernetes applications when secrets change.   #build   #kubernetes   #vault


General availability of SLSA3 Generic Generator for GitHub Actions
The SLSA community announced that they're adding a new tool to generate provenance documents for projects developed in any programming language, while keeping your existing build workflows.   #build   #ci/cd   #supply-chain


Learn Istio - How to Manage, Monitor, and Secure Microservices
A thorough introduction to Istio, showing what it does under the hood.   #containers   #explain


SMTP Matching Abuse in Azure AD
How SMTP matching can be abused to obtain privileged access via eligible role assignments, and how to prevent it.   #attack   #azure


Automating Azure Abuse Research - Part 2
Second part of a series, this time focusing on how to use the BloodHound Attack Research Kit (BARK) to perform so-called "continuous abuse primitive validation".   #attack   #azure

Tools


devbox
Devbox is a command-line tool that lets you easily create isolated shells and containers. You start by defining the list of packages required by your development environment, and devbox uses that definition to create an isolated environment just for your application.


terraform-iam-policy-validator
A command line tool that validates AWS IAM Policies in a Terraform template against AWS IAM best practices.


AWSSigner
Burp Extension for AWS SigV4 Signing.


kconnect
kconnect is a CLI utility that can be used to discover and securely access Kubernetes clusters across multiple operating environments.

From the cloud providers


#AWS   Identity Guide - Preventive controls with AWS Identity - SCPs
Common use cases for service control policies (SCPs) in AWS Organizations & how to use them to build preventive controls.


#AWS   How to subscribe to the new Security Hub Announcements topic for Amazon SNS
You can now use SNS to subscribe to the new Security Hub Announcements topic to receive updates about new Security Hub services and features, newly supported standards and controls, and other Security Hub changes.


#AWS   Learn more about the new allow list feature in Macie
How to set up an allow list in Macie and run a Macie scan that uses the allow list to ignore the specified values when creating sensitive data findings.


#AWS   How to let builders create IAM resources while improving security and agility for your organization
How to put policies and guardrails in place that will allow your organization to grant IAM permissions to builders.


#GCP   How to move towards continuous compliance while avoiding misconfigurations
Infrastructure continuous compliance can be achieved thanks to Google Cloud's open and extensible architecture, which uses Security Command Center and open source solutions.


#GCP   A comprehensive cloud security approach for state and local governments
As the threat landscape continues to evolve, government leaders need partners that can provide in-depth security to help protect, detect, and mitigate security breaches.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
© 2019-present CloudSecList · Marco Lancini