Release Date: 27/08/2023 | Issue: 202
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.

If you received it, you either subscribed or someone forwarded it to you. If you fit in the latter camp and want to subscribe, then you can click on this button:
Sign Up

Tines's Essential Guide to No-Code Automation for Security Teams serves as the ultimate resource on no-code automation for security practitioners. It provides an overview of what no-code automation is, why it is a critical skill for those at the forefront of security operations, and how to bring the power of no-code automation to your security team. In addition, the playbook includes a variety of resources, from customer case studies and success stories to tips to prepare for the future and best practices for implementation.
View the full guide

This week's articles

The building blocks of modern enterprise identity   #strategy
The article discusses the importance of modern enterprise identity in the context of cloud-native technologies. It highlights the key building blocks of identity, including authentication, authorization, and identity governance, and emphasizes the need for a comprehensive and scalable identity solution to ensure security and compliance in the cloud.

Risk in AWS SSM Port Forwarding   #attack, #aws
A surprising AWS Systems Manager Session Manager (SSM) default that can introduce risk, especially for customers using SSM's Port Forwarding features.

Shipping RDS IAM Authentication (with a bastion host & SSM)   #aws, #build, #iam
A basic guide to getting RDS IAM Authentication set up when you're using a Private Endpoint.

Methods to Backdoor an AWS Account   #attack, #aws
Post exploring some methods that an adversary can use to create backdoors in your AWS account: access keys, AssumeRole, changing Security Groups, UserData scripts, and SSM Send-Command.

Container security fundamentals part 5: AppArmor and SELinux   #containers, #explain
A look at how AppArmor and SELinux are used in Linux and container systems.

Kubernetes Security Ultimate Checklist   #explain, #kubernetes
A security checklist to understand the basics of authentication, authorization, audit logging, and admission control of Kubernetes.

Building Docker Images Smaller, Rootless and Non-Shell for Kubernetes   #build, #containers
The article discusses how to build smaller Docker images for Kubernetes by using rootless and non-shell configurations. It provides step-by-step instructions and code examples to help optimize container images.

Pivoting Clouds in AWS Organizations: Examining AWS Security Features and Tools for Enumeration   #attack, #aws
The architecture and considerable number of enabled/delegated service possibilities in AWS Organizations presents a serious vector for lateral movement within corporate environments. This could easily turn a single AWS account takeover into a multiple account takeover.

Kubernetes Validating Admission Policies: A Practical Example   #explain, #kubernetes
An example showing how to use the new Common Expression Language (CEL) to declare validation rules.


Integration with Kubernetes Validating Admission Policy
Gatekeeper can now integrate with Kubernetes Validating Admission Policy based on Common Expression Language (CEL).

Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management. You can also refer to the companion blog post.

HashiCorp-relevant rules for the Semgrep code analysis tool.

POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF.

Securely connect to RDS and other AWS resources in a VPC with no idle cost.


Prevent cyberattacks from hurting your business with NordPass, a password manager designed by the team behind NordVPN. NordPass Business has been audited by Cure53 and is ISO 27001 and SOC 2 Type 1 certified.
NordPass is an intuitive tool that your employees will actually use. And that's ideal because password managers work their best magic when everyone in the company uses them. But if your team needs help, NordPass offers tech support 24/7.
Get started with a 14-day free trial

From the cloud providers

AWS Icon  How we designed Cedar to be intuitive to use, fast, and safe
This post is a deep dive into the design of Cedar, an open source language for writing and evaluating authorization policies.

AWS Icon  How AWS built the Security Guardians program, a mechanism to distribute security ownership
How AWS developed a mechanism to scale security processes and expertise by distributing security ownership between security teams and development teams.

AWS Icon  AWS Digital Sovereignty Pledge: Announcing new dedicated infrastructure options
AWS announced further control over the location of your data.

AWS Icon  AWS Certificate Manager introduces Enterprise Controls to help govern certificate issuance
You can now use IAM condition context keys with AWS Certificate Manager (ACM) to help ensure that users are issuing certificates that conform to your organization's public key infrastructure (PKI) guidelines.

GCP Icon  New zero trust and digital sovereignty controls in Workspace, powered by AI
Google announced new zero trust, digital sovereignty, and threat defense controls powered by Google AI to help organizations keep their data safe.


Hiring? Feature your listings below - reach out now at [email protected]

Lead Cybersecurity Engineer - Visa
Visa is looking for a Security Engineer to serve as a subject matter expert and technical lead in the IAM team for various Cloud Security deployments.

Senior Cloud Security Engineer - Snowflake
Snowflake is looking for new members for their Cloud Security Assurance team, responsible for maintaining (and raising) the security bar across their production cloud environments.

Cloud Security Engineer - Vanguard
Vanguard is looking for security engineers with Azure experience.

Principal Cloud Security Engineer - LastPass
The LastPass Product Security team is looking for a Staff/Principal Cloud Security Engineer candidate to join their team and help them ensure the privacy and security of their company and user's data.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at!

Forward Forward
Twitter Tweet
Share Share

How did you like this issue of CloudSecList?

1       2       3       4       5

Archives View in browser Sponsorship
© 2019-present, CloudSecList by Marco Lancini.