This week's articles
Record AWS API calls to improve IAM Policies
#aws, #iam, #defend
Have you ever looked at an IAM policy and wondered: Is it really necessary to grant access to this specific action? CloudTrail can help here, but there is something better: Record API calls with Client Side Monitoring.
Exploring Cloud Trust Relationships: AWS
First in a series exploring mapping trust in different cloud providers. This post looks at 11 different aws security scanning tools and talks about some pros and cons with each.
Preventing malicious use of Weave Scope
Intezer and Microsoft reported this week that TeamTNT hackers are using Weave Scope to aid their intrusions. As Weave Scope is an administration tool, it has powerful capabilities making it important for any installation to be secured. This blog covers both how Scope is used and how you can prevent it being misused by securing it in any Kubernetes installation.
Falco Default Rule Bypass
#k8s, #falco, #defend
Darkbit discovered a bypass for a Falco default rule, whereby cleverly named images running as privileged and/or mounting sensitive paths can avoid generating alerts. It is recommended to update your "falco_rules.yaml" to the latest version.
Falco Update: What's new in Falco?
#k8s, #falco, #explain
CNCF post describing the top five new features released in Falco 0.25 (like rules improvements, gRPC for alerts, and more).
Using AWS IoT for mutual TLS in a web application
Is there a way to support a client certificate-based "device trust" feature natively in AWS? Turns out you can use X.509 client certificates to authenticate your Chrome browser to AWS using AWS IoT.
Purchased Microsoft 365 E5, Now What?
The Microsoft 365 E5 suite
is essentially a large amount of products Microsoft offers for the Enterprise environment, more focused towards the security and compliance areas. The purchasing of E5 licensing means an organization now has unlocked a lot of Microsoft products and the common question seen afterwards is, "where do I start?".
CNCF End User Technology Radar - Continuous Delivery
The CNCF End User Community was asked to describe what their companies recommend for different solutions: Adopt, Trial, Assess or Hold. This table shows how the End User companies rated each technology.