Release Date: 14/04/2024 | Issue: 233
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

Are you looking to strengthen your cloud security and governance? Then you'll need real-time visibility into your environments, and full control.
Join us for the next Visibility and Control Bootcamp and gain invaluable insights beyond compliance and configuration management. Get ready for an immersive session guided by cloud security experts and transform your organization's approach to data protection.

Prisma Cloud Security Bootcamp: Visibility and Control
Tuesday, April 16
11 AM PDT
Register

This week's articles


Docs as code is a broken promise
The pitfalls and risks of implementing a docs as code workflow, and a consideration for the future of writing docs with this workflow.   #ci/cd   #strategy


Who Touched My GCP Project? Understanding the Principal Part in Cloud Audit Logs
Post which explains how to identify principals and understand the identities present in GCP audit logs, including impersonation and third-party identities.   #explain   #gcp   #iam   #monitor


IAM Is The Worst
IAM started out as a simple idea that, as more and more services were launched, became nightmarish to organize. It's too hard to do the right thing now, and it's even harder in GCP than in AWS.   #aws   #gcp   #iam


We discovered an AWS access vulnerability
The Stedi team discovered a vulnerability in STS that caused role trust policy statements to be evaluated incorrectly.   #attack   #aws


Muddled Libra's Evolution to the Cloud
Unit 42 researchers have discovered that the Muddled Libra group now actively targets software-as-a-service (SaaS) applications and cloud service provider (CSP) environments.   #attack   #aws   #saas


Using Nuclei Templates for Vulnerability Scanning
Post looking at using Nuclei templates to help with automated vulnerability detection, and detailing the creation of scenarios to test web applications and CI/CD vulnerabilities.   #attack   #ci/cd


Terraform 1.8 provider functions for AWS, Google Cloud, and Kubernetes
See usage examples of Terraform 1.8's new launch-day provider-defined functions for AWS, Google Cloud, and Kubernetes.   #explain   #terraform

Sponsor

Level up your cloud skills with Panoptica's Cloud Security Academy
Binge-watch YouTuber InsiderPhD's 1-minute cloud security tutorials, or play around with free tools like recon.cloud. There's lots of great stuff Panoptica has to offer for part of your lunch break. Be entertained. Be educated. New courses and videos added monthly!
Explore cloud security learning materials for free on Panoptica

Tools


terraform-iam-policy-validator
A command line tool that validates AWS IAM policies in a Terraform template against AWS IAM best practices.


pwru
Packet, where are you? eBPF-based Linux kernel networking debugger.


Octo STS
Octo STS is a GitHub App that acts as a "Security Token Service" (aka STS) for the GitHub API. You can also refer to the companion blog post.


cloud-key-rotator
A Golang program to rotate AWS & GCP account keys.

From the cloud providers


#AWS   Detecting and remediating inactive user accounts with Amazon Cognito
A solution that uses serverless technologies to track and disable inactive user accounts.


#AWS   Lean Into Verified Software Development
Amazon built a formal model of Cedar in Lean, and proved that Cedar's components satisfy key safety and security properties.


#GCP   Announcing the general availability of Next Gen Firewall Enterprise
Introducing Cloud NGFW Enterprise, which can deliver comprehensive Zero Trust network protection for your Google Cloud workloads.


#GCP   Private, secure, and seamless connectivity to Cloud SQL using Private Service Connect
Customers can now use Private Service Connect for private connectivity from applications to Cloud SQL databases.


#GCP   Make Google part of your security team anywhere you operate, with defenses supercharged by AI
Google announced innovations across their security portfolio that are designed to deliver stronger security outcomes.


#GCP   The container platform for the next decade of AI and beyond
Cloud Run for an easy AI starting point, and GKE for training and inference.


#GCP   Implementing a Modern Detection Engineering Workflow (Part 1)
Lab that explains how to implement a modern workflow that uses free tools to automate the management of detection rules in Chronicle.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
© 2019-present CloudSecList · Marco Lancini