Release Date: 22/10/2023 | Issue: 210
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

Discover all cloud accounts with Nudge Security
Nudge Security discovers all AWS, GCP and Azure assets ever created by anyone in your organization, including the unmanaged accounts your teams may have forgotten about. And, you’ll get alerted as new accounts are created so you can ensure proper security controls are applied from day one.
Get a free cloud and SaaS inventory in minutes - no agents, browser plug-ins, or network proxies required.

This week's articles


BeyondTrust Discovers Breach of Okta Support Unit
BeyondTrust has discovered a breach of Okta’s support unit, which has resulted in the exposure of customer data. You can also read Cloudflare's writeup, which contains recommendations for Okta’s customers.   #attack   #saas


Report: Voice of the SOC 2023
Discover insights and recommendations from a survey of 900 security professionals, and the takeaways for leadership.   #monitor   #strategy


Everything you need to know about the Microsoft Graph Activity Logs
An introduction to the new Microsoft Graph Activity Logs, which record calls made to the Graph API and can help incident responders close some visibility gaps.   #azure   #monitor


What Can Go Wrong When an EC2 Instance is Exposed to SSRF
A new CNAPPgoat scenario makes experimentation easy by triggering calls to AWS services from an EC2 instance exposed to SSRF.   #attack   #aws


malicious-packages
A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerability (OSV) format.   #defend   #supply-chain


Changing Sealed Secrets Passwords in Kubernetes
There are plenty of articles that focus on installing Bitnami's Sealed Secrets controller and creating your first Sealed Secret within Kubernetes. However, most articles do not cover how to change passwords defined within a Sealed Secret.   #build   #kubernetes


Terraform AWS Provider: Everything you need to know about Multi-Account Authentication and Configuration
Post covering multiple options available to configure the authentication between Terraform and AWS.   #aws   #build   #terraform


Adopt OpenID Connect (OIDC) in Terraform for secure multi-account CI/CD to AWS
Deploy to AWS with Terraform and GitHub Actions using OpenID Connect (OIDC) and STS AssumeRoleWithWebIdentity. Say goodbye to IAM users and long-lived credentials.   #aws   #ci/cd   #iam
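As an added illustration of the pattern above (this is not code from the linked post or from any project it references), the Terraform below creates the GitHub OIDC provider in an AWS account and a deploy role whose trust policy accepts AssumeRoleWithWebIdentity only from one repository and one branch. The role name, repository, policy attachment and account layout are placeholders; the thumbprint is GitHub's commonly used root CA fingerprint and should be verified against current GitHub and AWS documentation before use.

```hcl
# Added example, not from the original post. Placeholders: repository name,
# role name, attached policy. One such role is created per target account,
# each trusting that account's own OIDC provider.

variable "github_repo" {
  description = "owner/repo allowed to assume the deploy role (placeholder)"
  type        = string
  default     = "example-org/example-repo"
}

# One OIDC provider per AWS account. GitHub's issuer URL and the audience
# requested by aws-actions/configure-aws-credentials are fixed values.
resource "aws_iam_openid_connect_provider" "github" {
  url            = "https://token.actions.githubusercontent.com"
  client_id_list = ["sts.amazonaws.com"]
  # Assumed value: GitHub's root CA thumbprint. Verify before use.
  thumbprint_list = ["6938fd4d98bab03faadb97b34396831e3780aea1"]
}

data "aws_iam_policy_document" "github_trust" {
  statement {
    effect  = "Allow"
    actions = ["sts:AssumeRoleWithWebIdentity"]

    principals {
      type        = "Federated"
      identifiers = [aws_iam_openid_connect_provider.github.arn]
    }

    # The audience claim must match what the workflow requests.
    condition {
      test     = "StringEquals"
      variable = "token.actions.githubusercontent.com:aud"
      values   = ["sts.amazonaws.com"]
    }

    # Pin the subject to one repository AND one branch. A wildcard such as
    # "repo:${var.github_repo}:*" would let any branch, tag or pull_request
    # workflow in that repository assume the role; an unconditioned
    # Federated principal would let any GitHub repository do so.
    condition {
      test     = "StringEquals"
      variable = "token.actions.githubusercontent.com:sub"
      values   = ["repo:${var.github_repo}:ref:refs/heads/main"]
    }
  }
}

resource "aws_iam_role" "github_deploy" {
  name                 = "github-actions-deploy" # placeholder
  assume_role_policy   = data.aws_iam_policy_document.github_trust.json
  max_session_duration = 3600
}

# Attach only what the pipeline needs; this managed policy is a placeholder.
resource "aws_iam_role_policy_attachment" "github_deploy" {
  role       = aws_iam_role.github_deploy.name
  policy_arn = "arn:aws:iam::aws:policy/PowerUserAccess"
}

output "deploy_role_arn" {
  value = aws_iam_role.github_deploy.arn
}
```

On the GitHub side, the workflow job needs `permissions: id-token: write` and a step using `aws-actions/configure-aws-credentials` with `role-to-assume` set to the `deploy_role_arn` output and an `aws-region`; no access keys are stored anywhere. For deployments gated by a GitHub environment, the subject claim becomes `repo:<owner>/<repo>:environment:<name>` and the `sub` condition should be changed to match. For multiple AWS accounts, apply this module in each account and point each job at the role in the account it deploys to.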

Sponsor

Opal – Modern Identity Security
Opal is designed to give teams the building blocks for identity-first security: view authorization paths, manage risk, and seamlessly apply intelligent policies built to grow with your organization.

Opal is used by best-in-class security teams today, such as Blend, Databricks, Exelixis, Figma, Scale AI, and more. There is no one-size-fits-all when it comes to access, but Opal provides the data foundation to scale least privilege the right way.

Tools


kexp
Understand Kubernetes - the visual way. Not yet another attempt to manage production clusters in the browser.


ipv4-usage-monitoring-for-aws
This script allows customers to iterate through all regions and all accounts in an organization to enumerate all public IPs and flag certain IPs that may be unnecessary for further investigation.


marvin
Marvin is a CLI tool that scans a Kubernetes cluster by evaluating CEL expressions against its resources to report potential issues, misconfigurations and vulnerabilities.


amazon-cloudfront-secure-static-site
Create a secure static website with CloudFront for your registered domain.


GraphRunner
A Post-exploitation Toolset for Interacting with the Microsoft Graph API. You can also refer to the companion blog post.

From the cloud providers


#AWS   Announcing the AWS Well-Architected Framework DevOps Guidance
The AWS DevOps Guidance introduces the AWS DevOps Sagas, a collection of modern capabilities that together form a comprehensive approach to designing, developing, securing, and efficiently operating software at cloud scale.


#AWS   Amazon EC2 now supports setting AMIs to a disabled state
Disabling an AMI changes its state to disabled, makes the AMI private if it was previously shared, and prevents any new EC2 instance launches from that disabled AMI.


#GCP   Introducing Actions and Alerts in Advanced API Security
Shift your security approach to proactively identify and act on security threats with security actions and alerts.


#GCP   Cloud CISO Perspectives: How boards can help cyber-crisis communications
Google Cloud CISO Phil Venables talks about the important (and often undervalued) organizational skill of crisis communications.


#AZURE   Azure security best practices and patterns
This article links you to security best practices and patterns for different Azure resources.


#AZURE   Operationalizing Microsoft Security Copilot to Reinvent SOC Productivity
Microsoft is bringing Security Copilot into Microsoft 365 Defender.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
© 2019-present CloudSecList · Marco Lancini