Release Date: 05/01/2020 | Issue: 18
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.


This week's articles

Catalog of Supply Chain Compromises
CNCF SIG Security is creating a catalog of software supply chain compromises. The goal is not to catalog every known supply chain attack, but rather to capture many examples of different kinds of attack, so that we can better understand the patterns and develop best practices and tools.

Software Libraries Are Terrifying
Still on the topic of supply chain security, this is a nice post describing how easy it is to end up with malicious libraries in your codebase.

Demystifying AWS' AssumeRole and sts:ExternalId
AWS AssumeRole accepts an optional parameter called "sts:ExternalId" which is intended to mitigate certain types of attacks. However, both the attacks that sts:ExternalId mitigates and how to properly use it are widely misunderstood, resulting in large numbers of vulnerable AWS-based applications. This post aims to describe what sts:ExternalId does, when to use it, and how to use it.

Actionable threat hunting in AWS
Talk that Chris Farris (@jcfarris) delivered at AWS re:Invent 2019, describing how they do security monitoring and incident response (IR) on AWS.

kube-psp-advisor
kube-psp-advisor is a tool that makes it easier to create K8s Pod Security Policies (PSPs), either from a live K8s environment or from a single .yaml file containing a pod specification (Deployment, DaemonSet, Pod, etc.).

kube-query
kube-query is an extension for osquery, letting you visualize your cluster using SQL queries.

From the cloud providers

AWS: Integrate AWS Config with Security Hub
Learn how to import AWS Config rules evaluations as findings in Security Hub.

GCP: Google Cloud now supports CCPA compliance
The California Consumer Privacy Act (CCPA) is a data privacy law that imposes new requirements on businesses and gives consumers in California the right to access, delete, and opt out of the "sale" of their personal information. Google Cloud is now committed to supporting CCPA compliance across G Suite and Google Cloud products.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at!



© 2019-present, CloudSecList by Marco Lancini.