This week's articles
A Roadmap to Zero Trust Architecture
#build, #defend, #strategy
This roadmap was built by security experts to provide a vendor agnostic Zero Trust architecture and example implementation timeline.
AWS ECR Public Vulnerability
A vulnerability that allowed external actors to delete, update, and create ECR Public images, layers, and tags in registries and repositories that belong to other AWS Accounts, by abusing undocumented internal ECR Public API actions.
Detecting Cloud Account Takeover Attacks
#aws, #azure, #gcp, #monitor
The Splunk Threat Research Team shares a closer look at the telemetry available in Azure, AWS and GCP and the options teams have to ingest this data into Splunk.
Kubernetes v1.26: Electrifying
Kubernetes v1.26 will see some security-related improvements, like signing release artifacts with cosign, and the introduction of CEL (Common Expression Language) to make admission controllers easier to develop.