This week's articles
AWS Accounts as Security Boundaries - 97+ Ways Data Can be Shared Across Accounts
Security teams cannot simply rely on the AWS account boundary to limit access between environments. Instead, they must carefully audit IAM policies, resource policies, Organization membership, RAM shares, service-level integrations, and sometimes combinations of one or more of these options, in order to properly evaluate how data from one account is being sent to others.
How to measure SOC quality
You can scale your SOC and improve quality. Seems impossible? Not if you know how and what to measure. The crew that helped build Expel's SOC explain how they pulled it off.
Reverse Engineering a Docker Image
The Docker image format is a lot more transparent than it could be. A little detective work is needed, but a lot can be figured out just by pulling apart an image file.
K0s Cluster Without Internet Access
In companies with high security constraints, it may be necessary to install a Kubernetes cluster on machines without any internet access. This article shows how k0s manages air-gapped installations.
Running Linux Tools in Lambda Containers
Lambda Containers are a great fit for performing tasks that require elevated privileges, especially if AWS IAM can control access. Running tasks with elevated privileges in an ephemeral manner is great for security, since there's nothing constantly running with that access.