Release Date: 06/10/2024 | Issue: 258
Know someone who'd find this useful? Forward this email
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor CloudSecList in 2025

CloudSecList is looking for sponsors for 2025! Some stats:
  • >10,000 Current Active Subscribers
  • 4.89/5 Subscriber Rating
  • ~50% Weekly Open Rate
  • ~40% Weekly Click-through Rate
More details at: ๐Ÿ”— cloudseclist.com/sponsor

This week's articles


Deconstructing Security Monitoring Antipatterns
Common mistakes impede SecOps effectiveness and increase burnout.   #monitor   #strategy


When AI Gets Hijacked: Exploiting Hosted Models for Dark Roleplaying
Permiso has found that some attackers are using hijacked LLM infrastructure to power highly inappropriate AI chatbot services.   #attack   #aws


Implementing CNAPP: Key Considerations for Success
Key considerations to keep in mind when selecting a Cloud-Native Application Protection Platform (CNAPP).   #saas   #strategy


AWS: VPC Flow Logs, NAT Gateways, and Kubernetes Pods - a detailed overview
Post covering what is a NAT Gateway, what are VPC Flow Logs, and how to use them with Kubernetes.   #aws   #explain   #kubernetes   #monitor


Starter guide to understanding Okta
This article explains Okta's architecture and services, laying a solid foundation for threat research and detection engineering.   #explain   #iam   #saas


Keep track of AWS user activity with SourceIdentity attribute
How to use the SourceIdentity attribute in STS to trace all user activity in AssumeRole sessions back to corporate identities such as usernames or email addresses.   #aws   #defend   #iam


Recent Docker BuildKit Features You're Missing Out On
With introduction of BuildKit - the improved builder backend for Docker - many new features has been added to Docker, many of which are little known. So, here's a rundown of the ones you definitely need to know about and should start using to make better use of Docker.   #build   #ci/cd   #containers

Tools


slack-watchman
Slack enumeration and exposed secrets detection tool. You can also refer to the companion blog post.


dockerhoneypot-logs
Collection of Docker honeypot logs from 2021 - 2024.


cloudprefixes
Recon tool to query cloud prefixes for services associated with an IP address.


Halberd
Multi-Cloud Security Testing Tool to execute a comprehensive array of attack techniques across multiple surfaces via a simple web interface. You can also refer to the companion blog post.


kamal
Deploy web apps anywhere.

From the cloud providers


#AWS   Using Amazon Detective for IAM investigations
How to use Detective Investigation and how to interpret and use the information provided from an IAM investigation.


#AWS   How to perform a proof of concept for automated discovery using Amazon Macie
How you can use Macie to detect and alert you to sensitive data discovered in your AWS environment and help you determine the value of using Macie to enhance your current data protection strategies.


#GCP   Announcing new Confidential Computing updates for even more hardware security options
Google announced the GA of several new Confidential Computing options and updates to the Google Cloud attestation service. Here's what's new.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! ๐Ÿ‘Œ

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
Forward Forward
Twitter Tweet
Share Share

How did you like this issue of CloudSecList?

1       2       3       4       5

Archives View in browser Sponsorship
ยฉ 2019-present CloudSecList ยท Marco Lancini