Release Date: 01/09/2024 | Issue: 253
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

Identity Threat Detection and Response (ITDR) Guide
Identity Threat Detection and Response has emerged as a critical component to effectively detect and respond to identity-based attacks for both human and non-human identities. Threat actors purchase credentials, compromise the identity infrastructure and move laterally across an environment.
Download this comprehensive ITDR Solution Guide to learn:
  • How to secure both human and non-human identities in an environment
  • The most common identity threat use cases
  • How identity-based attacks are commonly orchestrated against environments

This week's articles


Provisioning cloud infrastructure the wrong way, but faster
Today we're going to provision some cloud infrastructure the Max Power way: by combining automation with unchecked AI output. Unfortunately, this method produces cloud infrastructure code that 1) works and 2) has terrible security properties.   #attack   #iac


Exposing Security Observability Gaps in AWS Native Security Tooling
Post exploring the limitations and effectiveness of AWS IAM Access Analyzer in detecting publicly exposed resources across various AWS services.   #aws   #explain


The hater's guide to Kubernetes
A good starting place for avoiding many of the sandbars in the vast seas of Kubernetes.   #explain   #kubernetes


Industrial IAM Service Role Creation
A guide to tools for creating AWS IAM service roles.   #aws   #explain   #iam


My Methodology to AWS Detection Engineering (Part 1: Object Selection)
This article outlines a methodology for AWS detection engineering, focusing on understanding AWS services, identifying potential threats, and developing effective detection strategies using CloudTrail logs and other AWS-native tools.   #aws   #monitor


My Methodology to AWS Detection Engineering (Part 2: Risk Assignment)
Post focusing on the key components that make up the risk assignment rule.   #explain   #monitor


Unprotected container registries
This article explores the security risks of unprotected container registries, demonstrating how attackers can exploit them to access sensitive data, deploy malicious containers, and potentially compromise entire systems.   #attack   #containers

Tools


pht-securityhub-management
Scripts for managing your Security Hub across an organization.


kte
Test & Compare different Kubernetes security offerings on EKS, GKE and AKS. You can also refer to the companion blog post.


ssoready
Open-source dev tools for enterprise SSO.


dalec
Produce secure packages and containers with declarative configurations.

From the cloud providers


#AWS   AWS Identity and Access Management now supports AWS PrivateLink in all commercial Regions
By using PrivateLink with IAM and STS, you can now manage your IAM resources without going through public internet.


#GCP   Announcing Terraform Google Provider 6.0.0
Key changes in Terraform Google Provider 6.0.0, including opt-out default labels, deletion protection for resources, and longer name prefixes.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
© 2019-present CloudSecList · Marco Lancini