This week's articles
Cloud cryptography demystified: Amazon Web Services
This post, part of a series on cryptography in the cloud, provides an overview of the cloud cryptography services offered within AWS : when to use them, when not to use them, and important usage considerations.
#aws
#explain
How to be IR Prepared in AWS
This blog aims to demystify AWS' sometimes complicated logging methods to help organizations prepare for when a security incident occurs, outlining which logs should be enabled for the purpose of incident investigations.
#aws
#monitor
(An Attempt at) Detecting Managed Identity Abuse
The aim of this article is to provide a few examples of how Managed Identities can be misused and how to detect this abuse by utilizing the logging features within Azure & Entra.
#attack
#azure
The Two-Headed SIEM Monster
Industry trends point to multiple SIEMs becoming a wider problem for security operations.
#monitor
#strategy
Supply Chain Vulnerability in Bazel
A GitHub Actions workflow could have been injected by a malicious code due to a command injection vulnerability in one of Bazel's dependent Actions.
#attack
#ci/cd
|