Release Date: 08/01/2023 | Issue: 169
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

Join 750+ cloud security experts to learn, share secrets, and connect
In three weekly online sessions starting January 11, hear security leaders, CISOs, industry peers, and world-renowned researchers share tactics and top actionable insights to help you prepare and adapt your strategy for 2023. No matter your level of cloud maturity, accelerate your cloud security at CloudSec 360 presented by Wiz. Hear from:
  • Pete Chronis, CISO at Paramount
  • Eric Bauer, Director of Cloud Security at Procter & Gamble
  • Shir Tamari, Head of Research at Wiz
Secure your spot today

This week's articles


Supply-Chain Security: Evaluation of Threats and Mitigations
This blog details research into threat modeling for the supply chain, the evaluation of the effectiveness of each countermeasure such as SBOM, and the design of a centralized CI pipeline.   #ci/cd   #defend   #strategy


Incident Response Methodologies 2022
CERT Societe Generale provides easy-to-use operational incident best practices.   #defend   #monitor


Cloud penetration testing: Not your typical internal penetration test
A funny post where the author shares the stages of ignorance and awareness they encountered, to help others progress through the early stages more quickly than they did.   #attack   #aws   #explain


State of Azure IAM 2022
Azure IAM has seen major growth with 2710 new permissions and 60 new built-in roles added in 2022.   #azure   #iam


Cross-tenant network bypass in Azure Cognitive Search
How enabling a single vulnerable feature removed the entire network and identity perimeter around internet-isolated Azure Cognitive Search instances.   #attack   #azure


Cloud Cred Harvesting Campaign
A credential harvesting campaign targeting cloud infrastructure. The majority of the victim systems were running public-facing Jupyter Notebooks.   #attack   #aws


Kubernetes 1.26: Introducing Validating Admission Policies
In Kubernetes 1.26, the 1st alpha release of validating admission policies is available. Validating admission policies use the Common Expression Language (CEL) to offer a declarative, in-process alternative to validating admission webhooks.   #announcement   #explain   #kubernetes


Kubernetes v1.26: GA Support for Kubelet Credential Providers
Kubernetes v1.26 introduced generally available (GA) support for kubelet credential provider plugins, offering an extensible plugin framework to dynamically fetch credentials for any container image registry.   #explain   #kubernetes

Sponsor

AlphaSOC: Security Analytics for Splunk
Using Splunk for threat detection and response? Instantly detect both known and unknown emerging threats using Network Behavior Analytics for Splunk, which is free to download from Splunkbase. Hundreds of security teams use the AlphaSOC Splunk app to process network telemetry and solve 70+ use cases including the detection of C2 beacons, DNS tunneling, anonymizing circuit traffic, data exfiltration, cryptomining, and spear phishing attacks.
Download Network Behavior Analytics for Splunk

Tools


Chronicle Detection Rules
This repository contains helper functions and detection rules that could be helpful to customers of Chronicle.


trivy-operator-polr-adapter
Creates PolicyReports based on the different Trivy Operator CRDs like VulnerabilityReports.


terraform-google-log-export
Creates log exports at the project, folder, or organization level.


hardeneks
Runs checks to see if an EKS cluster follows EKS Best Practices.


confidant
Stores secrets in DynamoDB, encrypted at rest.


kube-exec-controller
An admission controller service and kubectl plugin to handle container drift in K8s clusters.

From the cloud providers


#AWS   Architecting your security model in AWS for legacy application migrations
Architecture guidelines for setting up access to commonly used resources by building a security model in AWS.


#AWS   Introducing the Security Design of the AWS Nitro System whitepaper
AWS recently released a whitepaper on the Security Design of the AWS Nitro System, a combination of purpose-built server designs, data processors, system management components, and specialized firmware that serves as the underlying virtualization technology that powers all EC2 instances launched since early 2018.


#AWS   AWS CIRT announces the release of five publicly available workshops
AWS released five workshops that simulate security events to help you learn the tools and procedures that AWS CIRT uses on a daily basis to detect, investigate, and respond to such security events.


#GCP   Proactive Network Monitoring with GCP Network Analyzer
Post exploring the different insights provided by Network Analyzer and how to configure alerts for them.


#GCP   Using Asset Insights
Cloud Asset Insights provides insights based on the IAM policies associated with your organization's resources. It is a part of the Recommender service.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate it if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
© 2019-present CloudSecList · Marco Lancini