Release Date: 21/02/2021 | Issue: 75
Know someone who'd find this useful? Forward this email
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

โœจ All-in-one cloud security with Bridgecrew โœจ
Bridgecrew delivers comprehensive security from commit to cloud. Powered by security-as-code, Bridgecrew gives you instant visibility into your cloud security posture and equips you with automated remediation. By embedding security earlier in the development lifecycle, we enable teams to secure their infrastructure without slowing them down. Start codifying your cloud security with Bridgecrew for free! โœ…

This week's articles


3 Ways to Mitigate Risk When Using Private Package Feeds
Microsoft whitepaper on best practices to follow to reduce risks against substitution attacks.   #ci/cd   #defend


Docker image history modification - why you can't trust docker history
How to modify the embedded "history" of a Docker image, and why it can't be used to secure your image supply chain.   #docker   #defend


Building Secure AWS AMIs: Building hardened CentOS AMIs from scratch
How to setup the infrastructure required to create EC2 AMIs from scratch, how to use the example hardening scripts for CentOS, and how to validate them with Amazon Inspector.   #aws   #build


Case of the doppelganger AWS account
Under special circumstances, two AWS accounts could share the same root email address, but it is not a security problem and will probably never happen to you.   #aws   #explain


Normalizing AWS IAM Policies for Automation
Uncovering the power of SQL to analyze IAM policies via normalization of the AWS IAM policy syntax.   #aws   #defend


Access to Glassdoor's Infra (AWS) and BitBucket account through leaked repo
AWS credentials associated to a Glassdoor employee were exposed via a publicly accessible repository. These keys gave access to a particular account on AWS related to big data workloads.   #aws   #attack


AAD & M365 kill chain
The Azure AD and Microsoft 365 kill chain is a collection of recon techniques and hacking tools.   #azure   #attack


Runtime security in Azure Kubernetes Service
How to secure containers on Microsoft Azure Kubernetes Service (AKS) with open source Falco.   #azure   #k8s   #defend


Keep it secret. Keep it ... safe?
Another experiment aiming to verify what happens after you accidentally leak secrets to a public code repository.   #aws   #defend


How to use Docker Security Scan Locally
Docker and Snyk recently entered into a partnership to provide container vulnerability scanning to official images on Docker Hub. Additionally, Docker has integrated scanning directly into Docker for Desktop clients.   #docker   #build

Tools


streamalert
StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define.


howtheysre
A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE).


awesome-falco
A curated list of Falco related tools, frameworks and articles.


skan
sKan is a Kubernetes configuration files and resources scanner that enables developers and devops team members to check whether their work is compliant with security & ops best practices.


secrets-store-csi-driver
Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a Container Storage Interface (CSI) volume.

From the cloud providers


#AWS   Introducing Amazon VPC Endpoints for AWS CloudHSM
You can now access AWS CloudHSM service APIs from your VPC using VPC endpoints, which provide connectivity to CloudHSM without requiring an internet gateway or a NAT instance.


#AWS   Introducing OIDC identity provider authentication for Amazon EKS
AWS introduced user authentication for EKS clusters from an OpenID Connect (OIDC) Identity Provider (IDP). The OIDC IDP can be used as an alternative to, or along with AWS Identity and Access Management (IAM).


#AWS   IAM Tutorial: Delegate access across AWS accounts using IAM roles
How to use an IAM role to delegate access to resources in different AWS accounts that you own.


#AWS   Use tags to manage and secure access to additional types of IAM resources
AWS IAM now enables administrators to use tags to manage and secure access to more types of IAM resources, such as customer managed IAM policies, Security Assertion Markup Language (SAML) providers, and virtual MFA devices.


#GCP   Discover and invoke services across clusters with GKE multi-cluster services
Google announced the general availability of multi-cluster services (MCS), a Kubernetes-native cross-cluster service discovery and invocation mechanism for GKE. MCS extends the reach of the Kubernetes Service primitive beyond the cluster boundary, so you can easily build Kubernetes applications that span multiple clusters.


#GCP   New private cloud networking whitepaper for Google Cloud VMware Engine
New Private cloud networking for Google Cloud VMware Engine whitepaper discussing the various connectivity options available in VMware Engine, with detailed explanations of traffic flows, optimization options and architectural design considerations.


#GCP   New whitepaper: CISO's guide to Cloud Security Transformation
Google's whitepaper sharing their thinking, based on their experiences working with Google Cloud customers, their CISOs, and their teams, on how best to approach a security transformation.


#AZURE   Categorizing Microsoft alerts across data sources in Azure Sentinel
A reference to understand how Microsoft security solutions can be grouped into categories.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! ๐Ÿ‘Œ

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
Forward Forward
Twitter Tweet
Share Share

How did you like this issue of CloudSecList?

1       2       3       4       5

Archives View in browser Sponsorship
ยฉ 2019-present CloudSecList ยท Marco Lancini