Release Date: 16/03/2025 | Issue: 279
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

AWS EKS Security Best Practices
Tired of feeling overwhelmed by the complexities of securing your EKS environment? Look no further. This comprehensive cheat sheet is your one-stop resource for mastering EKS security best practices and safeguarding your cloud-native applications. Packed with actionable advice that you can put in place immediately, learn how to improve the security posture of your EKS environment, from initial setup to ongoing monitoring and compliance.

Get the AWS EKS Cheat Sheet

This week's articles


Contextual Vulnerability Management With Security Risk As Debt
How DigitalOcean redesigned its vulnerability management program using the concept of "security debt" to drive meaningful risk reduction and empower engineering teams to prioritize and resolve security issues autonomously.   #defend   #process   #strategy


The Zero Noise Approach: Combating Cloud Alert Fatigue
By adopting the 'Zero Noise' approach - prioritizing attacker-focused detections, continuous feedback loops, and a 'no alert left behind' mentality - security teams can cut through cloud alert noise, enabling swift and precise responses to true threats.   #monitor   #strategy


Shrinking the haystack: Building a cloud threat detection engine
A step-by-step guide to building a framework for ingesting billions of cloud telemetry records to detect and respond to cyber threats.   #build   #defend


Abusing VS Code's Bootstrapping Functionality To Quietly Load Malicious Extensions
Post highlighting the risks of VS Code's popular extension system, which threat actors can exploit to run untrusted code within a trusted environment.   #attack   #supply-chain


Sign in as anyone: Bypassing SAML SSO authentication with parser differentials
Post detailing newly discovered authentication bypass vulnerabilities in the ruby-saml library used for single sign-on (SSO) via SAML on the service provider (application) side.   #attack   #saas   #supply-chain


MistakenVMtity: Another cloud image confusion attack
Post discussing vulnerabilities in Azure's CLI related to cloud image confusion attacks, similar to those identified last month in AWS.   #attack   #azure


Ephemeral values in Terraform
Post explaining how ephemeral values, resources, and write-only arguments work.   #explain   #iac   #terraform

Advance Your Cloud Security Career

Want to break into Cloud Security or move up fast?
📙 The CloudSec Engineer gives you straight-to-the-point, no-BS career advice based on real-world experience.
From landing your first role to securing senior and leadership positions, this book helps you navigate the path with practical insights, proven strategies, and bonus tools to track your learning and ace interviews.

Don't waste time guessing - get the guide that works.

Tools


groundhog
An AI Coding Assistant aiming to teach people how Cursor and all these other coding agents work under the hood.


tfmcp
An experimental CLI tool that enables AI assistants to manage and operate Terraform environments.


pocket-id
A simple and easy-to-use OIDC provider that allows users to authenticate with their passkeys to your services.


khi
A transformative log viewer for Kubernetes.


falcoctl
Administrative tooling for Falco.

From the cloud providers


#AWS   Amazon EKS now envelope encrypts all Kubernetes API data by default
EKS enables default envelope encryption for all Kubernetes API data in EKS clusters running Kubernetes version 1.28 or higher.


#GCP   Project Shield makes it easier to sign up, set up, automate DDoS protection
Project Shield employs Google Cloud Armor to defend against DDoS attacks with minimal user configuration.


#GCP   Safer and Multimodal: Responsible AI with Gemma
ShieldGemma 2, built on Gemma 3, can detect harmful content in the text and image inputs and outputs of AI models, supporting safer AI development.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
© 2019-present CloudSecList · Marco Lancini