Release Date: 01/10/2023 | Issue: 207
Know someone who'd find this useful? Forward this email
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Introducing the "Business News" Section!
This week, I am experimenting with a new section in the newsletter: Business News!
As always, feedback is appreciated
Sponsor

Discover all cloud accounts with Nudge Security
Nudge Security discovers all AWS, GCP and Azure assets ever created by anyone in your organization, including the unmanaged accounts your teams may have forgotten about. And, youโ€™ll get alerted as new accounts are created so you can ensure proper security controls are applied from day one.
Get a free cloud and SaaS inventory in minutes - no agents, browser plug-ins, network changes, or browser plug-ins required.
Start free trial

This week's articles


Security is about data: how different approaches are fighting for security data and what the cybersecurity data stack of the future is shaping up to look like
Looking at different players promising to solve the security data problem, what each of them brings to the table, and the trends defining what the cybersecurity data stack of the future is going to be.   #strategy


Pitfalls of relying on eBPF for security monitoring (and some solutions)
EBPF (extended Berkeley Packet Filter) has emerged as the de facto Linux standard for security monitoring and endpoint observability. But eBPF was never intended for security monitoring. It is first and foremost a networking and debugging tool.   #monitor


GitHub Actions could be so much better
GitHub Actions is a regular source of profound frustration for the author of this post in their development processes. This post lists some of those frustrations, and how they think GitHub could improve on them (or even fix them outright).   #build   #ci/cd


A Simple, Yet Effective Cost Optimization Framework
Turn stuff off. Store less data. Move less data. Cloud-ify your workloads. Pre-pay for resources. Repeat.   #strategy


The GitHub Actions Worm: Compromising GitHub Repositories Through the Actions Dependency Tree
How a novel attack vector in GitHub Actions allows attackers to distribute malware across repositories using a technique that exploits the actions dependency tree.   #attack   #ci/cd


Surprise: When Dependabot Contributes Malicious Code
In July 2023, malicious commits were detected on GitHub, disguised as contributions by Dependabot. Threat actors fabricated these to steal users' GitHub personal access tokens and insert malicious code, which exfiltrated project secrets to a server and modified JavaScript files with password-stealer malware, affecting end-users.   #attack   #ci/cd


Remote analysis on cloud object-storage
The journey of making the volatility3 framework compatible with S3 object-storage to perform memory analysis over the network.   #attack   #aws


MITRE Security Automation Framework
MITRE SAF supports security processes at all stages of the software lifecycle, from planning secure system design to analyzing operational security data.   #strategy   #supply-chain

Sponsor

Opal โ€“ Modern Identity Security
Opal is designed to give teams the building blocks for identity-first security: view authorization paths, manage risk, and seamlessly apply intelligent policies built to grow with your organization.

Opal is used by best-in-class security teams today, such as Blend, Databricks, Exelixis, Figma, Scale AI, and more. There is no one-size-fits-all when it comes to access, but Opal provides the data foundation to scale least privilege the right way.

Tools


substation
Substation is a cloud-native, event-driven data pipeline toolkit designed for security and observability teams.


wazuh
Wazuh is a free and open source platform used for threat prevention, detection, and response.


SnowAlert
SnowAlert is a security analytics framework that uses the Snowflake Cloud Data Platform to detect security incidents and policy violations.


Building Custom Scenarios with CNAPPgoat
You can now construct and import your own vulnerability scenarios into CNAPPgoat.


terraform-aws-api-gateway
Terraform module to create Route53 resource on AWS for create api gateway with its basic elements.

From the cloud providers


#AWS   Automate Lambda code signing with Amazon CodeCatalyst and AWS Signer
How to use Amazon CodeCatalyst with AWS Signer to fully manage the code signing process to ensure the trust and integrity of code assets.


#AWS   Deploy AWS WAF faster with Security Automations
You can now deploy AWS WAF managed rules as part of the Security Automations for AWS WAF solution.


#AWS   Enable external pipeline deployments to AWS Cloud by using IAM Roles Anywhere
Post walking through the steps on how to obtain AWS temporary credentials for your external CI/CD pipelines by using IAM Roles Anywhere and an on-premises hosted server running Azure DevOps Services.


#AWS   Amazon SNS message data protection can now de-identify outbound messages via redaction or masking
SNS can now detect and automatically mask PII data or even block the transmission of data.


#GCP   New custom security posture controls and threat detections in Security Command Center
Security Command Center now allows organizations to design their own customized security controls and threat detectors for their Google Cloud environment.

Sponsor CloudSecList

If you want to get your product or job ad in front of thousands of security professionals, ranging from engineers to CISOs and VCs, at companies ranging from small start-ups to Fortune500 and FAANG, you can reach out at
๐Ÿ“จ [email protected] ๐Ÿ“จ

Business News

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! ๐Ÿ‘Œ

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
Forward Forward
Twitter Tweet
Share Share

How did you like this issue of CloudSecList?

1       2       3       4       5

Archives View in browser Sponsorship
ยฉ 2019-present CloudSecList ยท Marco Lancini