This week's articles
A Five Year Retrospective on Detection as Code
Post discussing the evolution of Detection as Code over the past five years, sharing insights from client implementations, and exploring current best practices in this approach.
#monitor
Thwacking DDOS with AWS WAF
AWS WAF is definitely not the best DDOS prevention tech on the market. But if you're ever in the seat and it's the tool you have, here's your guide.
#aws
#defend
Poor mans MFA for AWS Client VPN
The AWS Client VPN service is a common way to seamlessly connect users into internal networks. This post describes a low-tech, low-cost solution to better authenticate users using a second factor.
#aws
#build
A hard look at GuardDuty shortcomings
Is GuardDuty all you need for AWS threat detection? This post offers some results of adversarial simulation, a review of detection latency, and an analysis of projected S3 ransomware timing.
#aws
#defend
#explain
Using S3 as a container registry
You can use S3 as a container registry. All it takes is to expose an S3 bucket through HTTP and to upload the image's files to specific paths.
#aws
#build
|