CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
If you received it, you either subscribed or someone forwarded it to you. If you fit in the latter camp and want to subscribe, then you can click on this button:
Modern Privileged Access Management (PAM) Buyer's Guide: This tech paper details the questions to ask vendors when evaluating a PAM solution for modern, cloud-native applications. It is essential that a modern PAM solution combine strong functionality for managing privileged accounts with ease of use for developers and maintainability for ops teams. Learn how to ensure it does.
A paper which provides a systematic study on real-world illicit cryptomining on public CI platforms, and proposes a novel approach which suppresses the miner's revenues, rendering them unprofitable, but only has negligible impacts on the performance of CI jobs and developer productivity.
Some courses (and certifications) that teach the theory of GitOps and how to apply all of these practices in your application using the Argo project family.
Because of the Azure AD authentication platform architecture, users can bypass home tenant MFA and Conditional Access (CA) policies when logging in directly to resource tenants.
Tracee now detects suspicious behavior at runtime with an extensive data collection and rules engine with a revised signature library for an array of scenarios.
A proof-of-concept Lambda external extension that demonstrates some techniques to inspect and modify raw event data. You can also refer to the companion blog post.
Using the new AWS Resource Explorer, you can now search through the AWS resources in your account across Regions using metadata such as names, tags, and IDs.
AWS CloudTrail announces support for a delegated administrator account, which provides customers with the ability to manage organization trails and CloudTrail Lake event data stores from an account other than the management account in AWS Organizations.
GCP announced the General Availability of the GKE Gateway controller, Google Cloud's implementation of the Kubernetes Gateway API, supporting single cluster deployments, in GKE 1.24+ clusters.
All newly created Azure Front Door, Azure Front Door (classic) or Azure CDN Standard from Microsoft (classic) resources will block any HTTP request that exhibits domain fronting behavior.
Azure Front Door now supports managed identities generated by Azure Active Directory to allow Front Door to easily and securely access other Azure AD-protected resources such as Azure Key Vault.
Thanks for reading!
If you found this newsletter helpful, I'd really appreciate it if you could forward it to your friends and colleagues!