Release Date: 17/03/2024 | Issue: 229
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

How did a top tier global financial services institution solve their Kubernetes authentication, RBAC, and multi-tenancy challenges?
  • Satisfy security and compliance requirements
  • Provide a great experience for developers
  • Secure support for dashboards and UIs
  • Decrease load on cluster support staff
  • 100% Open Source
Find out how in our case study (no registration required)

This week's articles


Product security: barking up the wrong tree
AppSec is fine. We're not paying enough attention to corporate infrastructure risks.   #strategy


CISA and NSA Release Cybersecurity Information Sheets on Cloud Security Best Practices
CISA and the National Security Agency (NSA) released five joint Cybersecurity Information Sheets (CSIs) to provide organizations with recommended best practices and/or mitigations to improve the security of their cloud environments.   #defend   #strategy


NSA Releases Top Ten Cloud Security Mitigation Strategies
The NSA is releasing "Top Ten Cloud Security Mitigation Strategies" to inform cloud customers about important security practices as they shift their data to the cloud.   #defend   #strategy


Trust but test: Vendor security testing at Canva
How Canva validates vendor security by going beyond compliance.   #strategy


Streamlining AWS access with Rippling at scale
Integrating IAM Identity Center and Just-In-Time access.   #build   #iam


Assessing a Detection Engineering Program for Maturity
Lessons learned when doing evaluations, and building out a Threat Detection Maturity Framework for practical use.   #monitor   #strategy


Kubernetes LAN Party
A CTF designed to challenge your Kubernetes hacking skills through a series of critical network vulnerabilities and misconfigurations.   #attack   #kubernetes


The Missing Guide to AWS API Gateway Access Logs
Learn the what, why, and how of API Gateway access logs.   #aws   #explain   #monitor

Sponsor

Elevate AWS security with Prowler SaaS
Discover and address vulnerabilities with in-depth analysis, bolster defenses with actionable insights, and ensure compliance effortlessly
Start with a free trial to secure your AWS infrastructure today

Tools


namespacehound
NamespaceHound is a tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters. You can also refer to the companion blog post.


CloudGrappler
CloudGrappler is a purpose-built tool designed for effortless querying of high-fidelity and single-event detections related to well-known threat actors in popular cloud environments such as AWS and Azure. You can also refer to the companion blog post.


M365Documentation
Automatic Microsoft 365 Documentation to simplify the life of admins and consultants.


eks-ng-ami-updater
EKS NG AMI Updater is an open source project that can be used to update Kubernetes node group images.

From the cloud providers


#AWS   How we sped up AWS CloudFormation deployments with optimistic stabilization
Post discussing the new optimistic stabilization strategy to shorten stack deployment times and improve visibility into resource provisioning.


#GCP   Introducing Security Command Center Enterprise
Security Command Center Enterprise is the first multicloud risk management solution that fuses AI-powered SecOps with cloud security.


#GCP   Use customer-managed encryption keys
How to use a Cloud Key Management Service (Cloud KMS) encryption key with Dataflow.


#AZURE   General availability: Microsoft Entra ID integration with Azure Cosmos DB for PostgreSQL
You can now use Microsoft Entra ID authentication on Azure Cosmos DB for PostgreSQL clusters in addition to, or instead of, native Postgres authentication.


#AZURE   Now available: Free data transfer out to internet when leaving Azure
Learn how to qualify for free egress when moving your data out of Azure.

Business News

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate it if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
© 2019-present CloudSecList · Marco Lancini