Release Date: 29/01/2023 | Issue: 172
Know someone who'd find this useful? Forward this email
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor
TrustShare: Are you spending too much time on security questionnaires? What would you rather do than answer security questionnaires? Our clients told us theyβd rather close deals, spend time with customers, get ready for an upcoming audit, or even organize their inbox. Ouch. TrustShare by Kintent is the only tool to cut down on the time you spend on questionnaires by creating a custom trust portal to securely share compliance documentation, and using AI to pre-populate over half of questionnaires. So you can get back to work, or take your dog for a nice walk. Start today
How Pinterest enforced the use of managed and compliant devices in their Okta authentication flow, using a passwordless implementation, so that access to their tools always requires a healthy Pinterest device.
#defend #strategy
GitHub Container Registry (GHCR) had an information leak bug, where names of private repos were exposed. Here's the background on how it was reported and fixed.
A recap on privilege escalation and powerful permissions in Kubernetes and an analysis of the ways various platforms have addressed it.
#attack #kubernetes
How to stand up a Sigstore deployment on your own infrastructure on Kubernetes so that you will be able to take advantage of the benefits and the assurance of not exposing sensitive resources.
#build #supply-chain
Learn how you can leverage Terraform and GKE or EKS to provision identical clusters for development, staging and production environments with a single click.
#aws #build #gcp #kubernetes
Ancestry tracking for HCP Packer provides visibility into image dependencies across your cloud environment for image lifecycle management.
#announcement #hashicorp
Sponsor
AlphaSOC: Free Adversary Simulation Utility Want to test your threat detection stack? AlphaSOC has published Network Flight Simulator (flightsim) which is a free, open source utility that synthesizes malicious traffic patterns including C2 beacons, DGA traffic, DNS tunneling, SSH exfiltration, network scanning, and cryptomining. Use flightsim to instantly uncover detection blindspots and improve your SIEM / SOAR configuration. Network Flight Simulator on GitHub
The Cryptographic Computing for Clean Rooms (C3R) encryption client and SDK provide client-side tooling which allows users to participate in AWS Clean Rooms collaborations leveraging cryptographic computing by pre- and post-processing data.
The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program that facilitates the creation and enablement of secure EKS Clusters.
AWS Lambda is announcing runtime management controls which provide more visibility and control over when Lambda applies runtime updates to your functions.
The finding groups feature reduces triage time and provides a clear view of related GuardDuty findings. With finding groups, you can investigate entities and security findings that might have been overlooked in isolation.
How to use Docker to develop, deploy, and run applications by using the CloudHSM SDK, and how to manage and orchestrate workloads by using tools and services like ECS, EKS, and Jenkins.
Policy Controller enables the enforcement of programmable policies for Anthos clusters. This blog is for introducing new features launched for ACM - Policy Controller.