This week's articles
An Adventure in Google Cloud threat detection
#gcp, #monitor
Post highlighting some common threats and exploits in Google Cloud, with the aim to share information to create detections that will catch the early signs of attacker activity.
Azure Threat Research Matrix
#attack, #azure, #defend
The purpose of the Azure Threat Research Matrix (ATRM) is to conceptualize the known tactics, techniques, and procedures (TTP) that adversaries may use against the Azure platform.
Securing AWS Step Functions
#aws, #defend
Some macro-areas to consider when securing step functions: IAM roles and policies, data security, logging and monitoring, and abuse.
Understanding S3 Block Public Access
#aws, #explain
What does "public" actually mean? And how does S3 Block Public Access work? This post answers these questions hoping to shed some light on how S3 Block Public Access can help protect S3 buckets from public access.
Using Nix with Dockerfiles
#build, #containers
The article discusses the benefits of using Nix, a functional package manager, with Dockerfiles to create reproducible and efficient container images. Nix allows for easy management of dependencies and versioning, while Dockerfiles provide a portable and scalable way to distribute the images.
When MFA becomes SFA
#attack, #aws
A particular case where possession of an AWS access key/secret key alone was equivalent to possession of those keys and a previously configured MFA.
|
|
Tools
scpkit
A python module to aid in Service Control Policy management in AWS accounts.
Dexter
Dexter can be placed into your CI processes to scrape through the repository and find files that contain image references, with the aim of pinning them to the immutable digest.
AzureADRoleMonitor
Azure AD Role Monitor is a small project that scans Azure AD built in roles, and automatically identifies sensitive or dangeorus roles based on the actions that the role is able to perform on an Azure AD tenant.
|
|
CloudSecDocs
AWS Organizations
Best practices for organizational units when using AWS Organizations
|
|
Sponsor
Simple doesnโt scale As organizations continue to adopt cloud services, security complexity increases exponentially leaving compliance, maintaining inventory, tracking changes, reducing misconfigurations, and handling threats and users a massive challenge. This is why weโve released FireMon Cloud Defense, a comprehensive cloud security platform that helps organizations better identify, communicate, prevent, and remediate security risks. Start using Cloud Defense Free-Tier Now!
|
|
|
Thanks for reading!
|
If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! ๐ If you have questions, comments, or feedback, let me know on Twitter ( @lancinimarco / @CloudSecList), or at feedback.cloudseclist.com! Thanks, Marco
|
|
|