Release Date: 11/05/2025 | Issue: 287
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

Mastering AI Security: Your Essential Guide
AI is transforming business – but securing it? That’s a whole new challenge. Get access to the new eBook: "AI Security Posture Management (AI-SPM) for Dummies", a practical guide to help security teams navigate AI risks and secure AI pipelines at every stage with confidence. Learn how to:
  • Manage AI-specific security risks
  • Secure your AI pipelines from development to deployment
  • Assess your organization’s AI security posture
  • Implement best practices to stay ahead of emerging threats
Get the Guide

This week's articles


Passkeys for Normal People
Post looking at how to set them up, how to use them on websites and in mobile apps, and what some of their shortcomings are.   #explain


The Cloud Hunting Games
A new CTF by Wiz.   #attack   #aws   #defend   #explain


Hardening GitHub Actions: Lessons from Recent Attacks
Build resilient GitHub Actions workflows with insights from real attacks, missteps to avoid, and security tips GitHub's docs don't fully cover.   #ci/cd   #defend


S3 bucket name squatting
Post sharing findings on four AWS services - Amazon Athena, AWS Elastic Beanstalk, AWS CodePipeline, AWS Config - and the implications of bucket name squatting.   #attack   #aws
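As an added example (not code from the linked post), a small Python check a defender can run to confirm that the predictably named buckets these services create for an account are actually owned by that account. The bucket-name patterns below are commonly observed console defaults and are an assumption of this example, not findings taken from the post; CodePipeline is left out because its default artifact bucket gets a random suffix. The real probe is an S3 HeadBucket call with ExpectedBucketOwner set; the demo responses are constructed so the script runs offline.

```python
"""Audit whether the S3 buckets some AWS services expect to use for this
account are owned by this account, squatted by someone else, or still free."""
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple

# ASSUMPTION: commonly observed default bucket-name patterns; the post's own
# findings may differ. CodePipeline is omitted because its default artifact
# bucket name carries a random suffix rather than a deterministic one.
BUCKET_TEMPLATES: Dict[str, str] = {
    "Amazon Athena": "aws-athena-query-results-{account}-{region}",
    "AWS Elastic Beanstalk": "elasticbeanstalk-{region}-{account}",
    "AWS Config": "config-bucket-{account}",
}

# Meaning of the HTTP status of HeadBucket(Bucket=..., ExpectedBucketOwner=account)
STATUS_LABELS: Dict[int, str] = {
    200: "owned",      # bucket exists and the owner check passed
    403: "taken",      # bucket exists but is not ours (or we lack s3:ListBucket)
    404: "unclaimed",  # nobody has created it yet: claim it before an attacker does
}


@dataclass(frozen=True)
class BucketCheck:
    service: str
    bucket: str
    verdict: str


def expected_buckets(account: str, regions: List[str]) -> List[Tuple[str, str]]:
    """Expand each template into the bucket names this account would use.
    Templates without a {region} placeholder are expanded once."""
    names: List[Tuple[str, str]] = []
    for service, template in BUCKET_TEMPLATES.items():
        if "{region}" in template:
            for region in regions:
                names.append((service, template.format(account=account, region=region)))
        else:
            names.append((service, template.format(account=account)))
    return names


def audit(account: str, regions: List[str],
          head_bucket: Callable[[str], int]) -> List[BucketCheck]:
    """head_bucket(name) returns the HTTP status of a HeadBucket call made with
    ExpectedBucketOwner=account. Unexpected statuses are reported as 'error'."""
    return [
        BucketCheck(service, bucket, STATUS_LABELS.get(head_bucket(bucket), "error"))
        for service, bucket in expected_buckets(account, regions)
    ]


def boto3_head_bucket(account: str) -> Callable[[str], int]:
    """Real probe built on boto3 (imported lazily so the demo runs offline)."""
    import boto3
    from botocore.exceptions import ClientError

    s3 = boto3.client("s3")

    def head(bucket: str) -> int:
        try:
            s3.head_bucket(Bucket=bucket, ExpectedBucketOwner=account)
            return 200
        except ClientError as err:
            return int(err.response["ResponseMetadata"]["HTTPStatusCode"])

    return head


# Constructed demo responses (not real AWS data): one bucket is ours, one was
# created by someone else, every other name does not exist yet.
DEMO_RESPONSES: Dict[str, int] = {
    "config-bucket-123456789012": 200,
    "aws-athena-query-results-123456789012-us-east-1": 403,
}


def demo() -> List[BucketCheck]:
    """Run the audit against the constructed responses above."""
    return audit("123456789012", ["us-east-1", "eu-west-1"],
                 lambda bucket: DEMO_RESPONSES.get(bucket, 404))


if __name__ == "__main__":
    # For a live run: audit(acct, regions, boto3_head_bucket(acct))
    for check in demo():
        print(f"{check.verdict:9} {check.service:22} {check.bucket}")
```

A "taken" verdict only says the bucket exists and HeadBucket did not succeed as your account: that is the squatted case, but it is also what you see when your own credentials lack s3:ListBucket on a bucket you do own, so re-check with a credential that can list your buckets before raising an alarm. An "unclaimed" name is the one to act on: create it yourself, with a restrictive bucket policy, before an attacker does.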


Augmented LLM for Threat Hunting
An MCP implementation that gives Claude access to Elasticsearch to assist with threat identification.   #elastic   #monitor


Kubernetes v1.33: From Secrets to Service Accounts: Kubernetes Image Pulls Evolved
Kubernetes is introducing Service Account Token Integration for Kubelet Credential Providers, now available in alpha. This enhancement allows credential providers to use pod-specific service account tokens to obtain registry credentials, which kubelet can then use for image pulls, eliminating the need for long-lived image pull secrets.   #explain   #kubernetes


Cloud Incident Readiness: Critical infrastructure for cloud incident response
Post describing an infrastructure that you can use to perform incident response tasks such as root cause analysis, containment, and eradication.   #defend   #monitor

Level Up Your Cloud Security Career

Ready to boost your Cloud Security career? 📙 The CloudSec Engineer gives you actionable, no-nonsense advice from my own personal experience.
Whether you’re breaking into the field, moving to senior levels, or eyeing leadership roles, you’ll find practical tips to guide your path. Get the knowledge you need—plus bonus tools to organize your learning, interviews, and more.

Learn more

Tools


inspector
Visual testing tool for MCP servers.


TrailAlerts
TrailAlerts is an AWS-native, serverless cloud-detection tool that lets you define simple rules as code and get rich alerts about events in AWS. You can also refer to the companion blog post.


kubectl-ai
AI powered Kubernetes Assistant.


dfc
(d)ocker(f)ile (c)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.


santa
A binary and file access authorization system for macOS.

From the cloud providers


#AWS   Introducing the AWS User Guide to Governance, Risk and Compliance for Responsible AI Adoption within Financial Services Industries
This comprehensive guide provides FSI customers with practical considerations for responsible AI adoption across key dimensions, including governance, risk management, compliance, data management, model management and AI agent management.


#AWS   Use an Amazon Bedrock powered chatbot with Amazon Security Lake to help investigate incidents
How to deploy a security chatbot with a GUI and a serverless backend powered by an Amazon Bedrock agent that incorporates existing playbooks to investigate or respond to a security event.


#AWS   Introducing the AWS Zero Trust Accelerator for Government
The AWS Zero Trust Accelerator for Government (ZTAG) is a government-centric set of resources to help government organizations implement zero trust architectures.


#GCP   What's new in IAM, Access Risk, and Cloud Governance
At Google Cloud Next, Google announced multiple new capabilities across its IAM, Access Risk, and Cloud Governance portfolio: IAM itself; Access Risk products including VPC Service Controls, Context-Aware Access, and Identity Threat Detection and Response; and Cloud Governance with Organization Policy Service and Resource Management.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco


© 2019-present CloudSecList · Marco Lancini