Release Date: 11/12/2022 | Issue: 167
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.

If you received it, you either subscribed or someone forwarded it to you. If you fit in the latter camp and want to subscribe, then you can click on this button:

☸️ DevSecGuide to Kubernetes ☸️
Solve the unique challenges Kubernetes presents for cloud-native AppSec in the Kubernetes DevSecOps Guide. Inside, you’ll learn how to build on top of Kubernetes’ built-in security foundation for improved coverage, automation, and DevSecOps collaboration. Plus, you’ll get insights into:
  • Security considerations across each layer of Kubernetes
  • Inherent security advantages and challenges with Kubernetes
  • Best practices for embedding seamless security across the K8s development lifecycle
  • And more!
Get the DevSecGuide to Kubernetes for free

This week's articles

Compromised Cloud Compute Credentials: Case Studies From the Wild   #attack, #aws, #gcp
A walk-through of in-the-wild attacks that abuse stolen cloud compute credentials.

Vulnerability Inbox Zero   #defend, #strategy
Love them or hate them, vulnerability scanners aren't going anywhere. You should tame the avalanche of findings with a noise-suppressing processing pipeline. Think in shovels, not in teaspoons.

Building the Threat Detection Ecosystem at Brex   #monitor, #strategy
Brex's approach to building threat detection systems is to abstract the capabilities that allow for high-quality detections and then adapt to the best platforms that are available and appropriate for the team.

Palantir's FIDO2 secure implementation rollout   #azure, #defend, #strategy
The second in a series by Palantir InfoSec on their journey enforcing FIDO2 authentication via hardware authenticators (YubiKeys) across all of Palantir.

Visualizing Multi Cloud IAM Concepts   #aws, #azure, #explain, #gcp, #iam
Some diagrams to understand key AWS, Azure and GCP IAM concepts and terminology.

Forensic container checkpointing in Kubernetes   #defend, #explain, #kubernetes
Forensic container checkpointing is based on Checkpoint/Restore In Userspace (CRIU) and allows the creation of stateful copies of a running container without the container knowing that it is being checkpointed.

Prioritization of the Detection Engineering Backlog   #defend, #monitor
The detection engineering backlog is a vital starting point for every detection engineering function. Giving other teams a channel to feed input into that backlog lets cross-functional collaboration strengthen the capability of the detection engineering function.

Dynamic Secrets for Waypoint with Vault   #build, #vault
Learn how to source dynamic secrets from HashiCorp Vault in your Waypoint deployments using dynamic configuration.

Recap of AWS re:Invent 2022: An Honest Review   #aws, #explain
Properly assess whether all those announcements should mean anything to you; here's the ultimate AWS re:Invent 2022 recap you were looking for.

Example recipes for Kubernetes Network Policies that you can just copy-paste.

A tool to check the security settings of GitHub Organizations.

Pike is a tool for determining the permissions or policy required by IaC code.

GCPGoat: A Damn Vulnerable GCP Infrastructure.

A simple tool to check if an IP/hostname belongs to the AWS IP space or not.

A tool for visualizing dynamic node usage within a cluster.

From the cloud providers

How to secure your SaaS tenant data in DynamoDB with ABAC and client-side encryption   #aws
How to implement client-side encryption of data in Amazon DynamoDB with the Amazon DynamoDB Encryption Client, leveraging IAM and KMS.

How to detect security issues in Amazon EKS clusters using Amazon GuardDuty   #aws
How to detect and investigate security issues in an EKS cluster with Amazon GuardDuty and Amazon Detective.

Approaches for authenticating external applications in a machine-to-machine scenario   #aws
This post helps you decide which approach is best for securely connecting your applications, whether on premises or hosted outside of AWS, to your AWS environment when no human interaction is involved.

Auditing GKE Clusters across the entire organization   #gcp
How to establish GKE cluster governance for a Google Cloud organization using GKE Policy Automation, an open-source tool created by the Google Professional Services team.

Automated Sync among GCP secrets & GKE workload   #gcp
How to sync GCP Secret Manager secrets into GKE Secrets using the External Secrets Operator.

Microsoft Azure's defense in depth approach to cloud vulnerabilities   #azure
This piece kicks off a 4-part Azure Built-In Security series sharing the lessons Microsoft learnt from recent cloud vulnerabilities and how it is applying them to keep its technologies and processes secure for customers.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at!



© 2019-present, CloudSecList by Marco Lancini.