Release Date: 30/07/2023 | Issue: 198
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.

If you received it, you either subscribed or someone forwarded it to you. If you fit in the latter camp and want to subscribe, you can sign up from the newsletter's website.
Sponsor

The Cloud Security Model Cheat Sheet
How leading security orgs stay ahead! As more processes move to the cloud, security teams are stuck playing catch-up. But leading security orgs are staying ahead. And the numbers prove them right. In this cheat sheet you’ll learn:
  • The 4-step process to adapt your cloud security strategy
  • How to prioritize the right pillars in your team
  • Data-backed research that proves why this is a winning approach
It’s all in the Cloud Security Model Cheat Sheet

This week's articles


Let's talk about SaaS attack techniques   #attack, #saas
A collection of SaaS attack techniques to help defenders understand the threats they face. You can also refer to the companion repository.


No keys attached: Exploring GitHub-to-AWS keyless authentication flaws   #attack, #aws, #ci/cd
While popular, GitHub-to-AWS keyless authentication mechanisms can be insecurely configured.


Swiping right on the AWS WAF CAPTCHA challenge   #attack, #aws
Post walking through a methodology for beating the AWS WAF CAPTCHA challenges programmatically.


Hijacking Cloud CI/CD Systems for Fun and Profit   #attack, #ci/cd
This research details a new technique that can be used by threat actors for supply chain attacks on open-source repositories using GCP, Azure and AWS.


Container Security Workshop   #attack, #containers, #kubernetes
Slides from @smarticu5 and @raesene's container security workshop delivered at SteelCon, which covers the basics of Docker and Kubernetes security.


Automated First-Response in AWS using Sigma and Athena   #aws, #monitor
Can Sigma rules provide first-response capabilities in a post-compromise AWS environment?


Rethinking infrastructure as code from scratch   #iac, #strategy
Post pondering infrastructure complexity, the current state of infrastructure as code, and why it will not get simpler.


AWS Networking Concepts   #aws, #explain
A mind map to link together all the different networking-related concepts from AWS.


From IP to identity: making cattle out of pets in cloud native   #explain, #kubernetes
This article traces the evolution of identity in systems programming to the current cloud native era, and shows how identity is now key to how cloud native projects, like Kubernetes and Cilium, create powerful platforms in the real world today.


Authentication and Authorization for OCI File Storage (FSS) with Kerberos and LDAP   #containers
This blog post introduces Kerberos and LDAP integration with the OCI File Storage Service, providing an overview of the features and their general configuration requirements.

Tools


github-actions-goat
Deliberately Vulnerable GitHub Actions CI/CD Environment.


DFIR-O365RC
PowerShell module for Office 365 and Azure log collection.


infrastructure-assessment-iac-automation
Deploys all the resources needed to set up resource assessment capabilities in an AWS account.


AWS CLI Builder
A nifty utility that helps build AWS CLI commands.


rolesanywhere-credential-helper
Rolesanywhere-credential-helper implements the signing process for IAM Roles Anywhere's CreateSession API and returns temporary credentials in a standard JSON format that is compatible with the credential_process feature available across the language SDKs.


From the cloud providers


AWS: Migrating your secrets to AWS Secrets Manager, Part I: Discovery and design
A two-part blog post that provides prescriptive guidance on how you can use AWS Secrets Manager to help you achieve a cloud-based and modern secrets management system.


AWS: Configure Keycloak on EKS using Terraform
Learn how to configure open source Keycloak on Amazon Elastic Kubernetes Service (Amazon EKS) using Terraform to manage an open source application in AWS.


AWS: IAM Roles Anywhere credential helper adds support for OS certificate stores
IAM Roles Anywhere released credential helper version 1.0.5 to include support for X.509 certificates and private keys that are stored in macOS and Windows certificate stores.


GCP: Using Workforce Identity Federation with API-based web applications
How to configure an example JavaScript web application hosted in GCP to call Google Cloud APIs after being authenticated with Azure AD using Workforce Identity Federation.


GCP: Best Kept Security Secrets: Keeping secrets, the Secret Manager way
Cloud-centered integrations supported by Secret Manager with other Google Cloud services in the software supply chain make it easier and safer to store and access sensitive information.


GCP: Introducing time-bound key authentication for service accounts
You can now secure service account keys with customizable options to enforce expiration dates.


GCP: Introducing Cloud Armor WAF enhancements to help protect your web application and API service
Google introduced new features in Cloud Armor: granular rate limiting and flexible options to configure custom rules, and custom IP headers to further enhance protections against DDoS and other attacks.

Jobs

Hiring? Feature your listings below - reach out now at [email protected]

Sr. Security Engineer - Threat Intelligence - Snowflake
The ideal candidate will assist Snowflake leadership in making informed, knowledgeable and data-driven decisions based on actionable threat intelligence.


Senior Cloud Security Engineer - Match Group
Match Group is looking for a DevSecOps professional to provide cloud native security expertise: implementing security automation, monitoring product architecture for security misconfigurations, and applying security across all phases of the software development life cycle.


Security Engineer, Cloud Vulnerability Research - Google
Google is looking for a Security Engineer to drive in-depth technical research into various Cloud-related products, tech stacks, and infrastructure.


Security Engineer - ITV
ITV is looking for Security Engineers to help secure their data and cloud platforms.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
© 2019-present, CloudSecList by Marco Lancini.