This week's articles
The CSA Cloud Controls Matrix (CCM) V4: Raising the cloud security bar to the next level
The Cloud Security Alliance released version 4 of the Cloud Controls Matrix (CCM). The upgrade from CCM v3.0.1 to v4 has been imperative considering the evolution of the cloud security landscape, both from the technical and legal and regulatory standpoint. There was also a need for organizations to make the implementation of security and privacy controls more efficient and streamline compliance.
Intercept SSM Agent Communications
Leveraging SSM for post-exploitation: with access to an EC2 instance you can block EC2 Messages (like send-command) and SSM sessions, send arbitrary responses, or snoop on communications.
Kubernetes Honey Token
How to use an artisanally crafted Kubernetes Service Account as a Honeytoken.
How We Escaped Docker in Azure Functions
Vulnerability in Azure Functions which would allow an attacker to escalate privileges and escape the Azure Functions Docker container to the Docker host. Microsoft has determined that the vulnerability has no security impact on Function users as the Docker host itself is protected by a Hyper-V boundary.
Using Jenkins, Vault, Terraform, Ansible, and Consul to Deliver an End-to-End CI/CD Pipeline
A series focusing on best practices around the automation of infrastructure provisioning and application deployment. It covers the concepts of Infrastructure as Code, CI/CD, secrets management, dynamic secrets, the secret zero problem, service mesh, and more.