Release Date: 07/05/2023 | Issue: 186
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor
Keeping VPNs and firewall rules updated across the global hybrid infrastructure with multiple clouds, availability zones, and offices is challenging. Learn more about going beyond network perimeter security by adopting device trust in this blog from Teleport, the easiest and most secure way to access all your infrastructure.
Post describing a hypothetical scenario of a cloud platform compromise with multiple components that would require investigation. Each component is an example of a real intrusion tactic that Mandiant has investigated across various cloud platforms, sometimes with logs available and sometimes without.
#aws #azure #gcp #monitor
Creating Docker images can sometimes be a pain. Here are alternatives for crafting containers, like ko, Bazel, Nix, and apko, and their strengths and weaknesses.
#build #containers
Post providing an overview of ZTP tools and services, exploring their security role in DevSecOps, and outlining common pitfalls to watch out for when testing them.
#attack
Part two of the "Mitigating Risky Pull Requests with Monocle Risk Advisor" series explores how Monocle's risk scores can help developers make informed decisions about merging pull requests.
#build #ci/cd
You can now create and use passkeys on your personal Google Account. When you do, Google will not ask for your password or 2-Step Verification (2SV) when you sign in.
#defend
A misconfigured GitHub Action using a GCP Workload Identity Federation Service Account could allow any GitHub Action to assume the role.
#attack #ci/cd #gcp
AWS engaged NCC Group to conduct an architecture review of the AWS Nitro System design, with focus on specific claims AWS made for the security of the Nitro System APIs.
#attack #aws
Two SSRF vulnerabilities and a file-upload path traversal in the Azure API Management service, which allowed access to internal Azure assets.
#attack #azure
Sponsor
The Cloud Security Workflow Handbook: The Wiz research team surveyed security orgs at hyper-scaling enterprises to uncover how they're adapting in 2023. They packed their best practices, frameworks, and templates into this playbook, including:
A breakdown of the 3 pillars of the modern cloud security operating model best-in-class orgs are moving to.
A 4-step roadmap used by the fastest-growing companies to adapt to the new threat landscape.
Plus: Goals and KPI templates for your team to track based on maturity stage presented in a convenient cheat sheet.
Two new Amazon Inspector features that scan your Lambda function application package dependencies, as well as your application code, for security vulnerabilities.
Amazon GuardDuty Malware Protection adds a new capability that allows customers to initiate on-demand malware scans of EC2 instances, including instances used to host container workloads.
AWS announced the general availability of AWS Verified Access, a service that helps you provide secure access to your corporate applications without using a VPN. Built on AWS Zero Trust principles, Verified Access lets you implement a work-from-anywhere model with added security and scalability.