Release Date: 30/07/2023 | Issue: 198
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

The Cloud Security Model Cheat Sheet
How leading security orgs stay ahead! As more processes move to the cloud, security teams are stuck playing catch-up. But leading security orgs are staying ahead. And the numbers prove them right. In this cheat sheet you'll learn:
  • The 4-step process to adapt your cloud security strategy
  • How to prioritize the right pillars in your team
  • Data-backed research that proves why this is a winning approach
It's all in the Cloud Security Model Cheat Sheet

This week's articles


Let's talk about SaaS attack techniques
A collection of SaaS attack techniques to help defenders understand the threats they face. You can also refer to the companion repository.   #attack   #saas


No keys attached: Exploring GitHub-to-AWS keyless authentication flaws
While popular, GitHub-to-AWS keyless authentication mechanisms can be insecurely configured.   #attack   #aws   #ci/cd


Swiping right on the AWS WAF CAPTCHA challenge
Post walking through a methodology for beating the AWS WAF CAPTCHA challenges programmatically.   #attack   #aws


Hijacking Cloud CI/CD Systems for Fun and Profit
This research details a new technique that can be used by threat actors for supply chain attacks on open-source repositories using GCP, Azure and AWS.   #attack   #ci/cd


Container Security Workshop
Slides from @smarticu5 and @raesene's container security workshop delivered at SteelCon, which covers the basics of Docker and Kubernetes security.   #attack   #containers   #kubernetes


Automated First-Response in AWS using Sigma and Athena
Can Sigma rules provide first-response capabilities in a post-compromised AWS environment?   #aws   #monitor


Rethinking infrastructure as code from scratch
Post pondering about infrastructure complexity, the current state of infrastructure as code, and how it will not get simpler.   #iac   #strategy


AWS Networking Concepts
A mind map to link together all the different networking-related concepts from AWS.   #aws   #explain


From IP to identity: making cattle out of pets in cloud native
This article traces the evolution of identity in systems programming to the current cloud native era, and shows how identity is now key to how cloud native projects, like Kubernetes and Cilium, create powerful platforms in the real world today.   #explain   #kubernetes


Authentication and Authorization for OCI File Storage (FSS) with Kerberos and LDAP
This blog post introduces Kerberos and LDAP integration with the OCI File Storage Service, providing an overview of the features and their general configuration requirements.   #containers

Tools


github-actions-goat
Deliberately Vulnerable GitHub Actions CI/CD Environment.


DFIR-O365RC
PowerShell module for Office 365 and Azure log collection.


infrastructure-assessment-iac-automation
Deploys all the resources needed in order to set up resource assessment capabilities in an AWS account.


AWS CLI Builder
A nifty utility that helps build AWS CLI commands.


rolesanywhere-credential-helper
Rolesanywhere-credential-helper implements the signing process for IAM Roles Anywhere's CreateSession API and returns temporary credentials in a standard JSON format that is compatible with the credential_process feature available across the language SDKs.

From the cloud providers


#AWS   Migrating your secrets to AWS Secrets Manager, Part I: Discovery and design
A two-part blog post that provides prescriptive guidance on how you can use AWS Secrets Manager to help you achieve a cloud-based and modern secrets management system.


#AWS   Configure Keycloak on EKS using Terraform
Learn how to configure open source Keycloak on Amazon Elastic Kubernetes Service (Amazon EKS) using Terraform to manage an open source application in AWS.


#AWS   IAM Roles Anywhere credential helper adds support for OS certificate stores
IAM Roles Anywhere released credential helper version 1.0.5 to include support for X.509 certificates and private keys that are stored in macOS and Windows certificate stores.


#GCP   Using Workforce Identity Federation with API-based web applications
How to configure an example JavaScript web application hosted in GCP to call Google Cloud APIs after being authenticated with Azure AD using Workforce Identity Federation.


#GCP   Best Kept Security Secrets: Keeping secrets, the Secret Manager way
Cloud-centered integrations supported by Secret Manager with other Google Cloud services in the software supply chain make it easier and safer to store and access sensitive information.


#GCP   Introducing time-bound key authentication for service accounts
You can now secure service account keys with customizable options to enforce expiration dates.


#GCP   Introducing Cloud Armor WAF enhancements to help protect your web application and API service
Google introduced new features in Cloud Armor: granular rate limiting and flexible options to configure custom rules, and custom IP headers to further enhance protections against DDoS and other attacks.

Jobs

Hiring? Feature your listings below - reach out now at [email protected]

Sr. Security Engineer - Threat Intelligence - Snowflake
The ideal candidate will assist Snowflake leadership in making informed, knowledgeable and data driven decisions based on actionable threat intelligence.


Senior Cloud Security Engineer - Match Group
The Match Group is looking for a DevSecOps professional to provide cloud native security expertise: implementing security automation, monitoring product architecture for security misconfigurations, and applying security across all phases of the software development life cycle.


Security Engineer, Cloud Vulnerability Research - Google
Google is looking for a Security Engineer to drive technical in-depth search into various Cloud-related products, tech stacks, and infrastructure.


Security Engineer - ITV
ITV is looking for Security Engineers to help secure their data and cloud platforms.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues!

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
© 2019-present CloudSecList · Marco Lancini