CloudSec Wine – Telegram
All about cloud security

Contacts:
@AMark0f
@dvyakimov

About DevSecOps:
@sec_devops
🔶 Public Report: AWS Nitro System API & Security Claims

AWS engaged NCC Group to conduct an architecture review of the AWS Nitro System design, with focus on specific claims AWS made for the security of the Nitro System APIs.

https://research.nccgroup.com/2023/05/03/public-report-aws-nitro-system-api-security-claims

#aws
👍2🔥1🤔1
🔷 Azure Future SIEM

Great visualization of the future Microsoft Sentinel architecture using Microsoft's cloud-based Azure infrastructure!

#azure
🔥4👍1👏1
🔶🔷🔴 Cloudy with a Chance of Bad Logs: Cloud Platform Log Configurations to Consider in Investigations

Post describing a hypothetical scenario of a cloud platform compromise with multiple components that would require investigation. Each component is an example of a real intrusion tactic that Mandiant has investigated across various cloud platforms, sometimes with logs available and sometimes without logs available.

https://www.mandiant.com/resources/blog/cloud-bad-log-configurations

#aws #azure #gcp
👍3🔥1👏1
🔶 My Love/Hate Relationship with Cloud Custodian

Cloud Custodian is a powerful tool for managing and enforcing policies in cloud environments, but it can be difficult to learn and use effectively. The author shares their experiences with using Cloud Custodian, including its benefits and drawbacks, and offers tips for getting started with the tool.

https://badshah.io/my-love-hate-relationship-with-cloud-custodian

#aws
👍3🔥2👏1
Call for Papers for DevOops 2023 is open until June 1st.

The conference will run for four days: September 5–6 online and September 17–18 in Moscow, with the option to join online.

Want to share your DevOps experience? Submit your proposal at DevOops 2023.

All you need is the material and the desire to perform, and the organizers will help at every stage, from idea to performance: they'll work with you on the material, conduct rehearsals, and give recommendations on the presentation.

Choose any presentation format—talk, workshop, interview, discussion, BoF session—or come up with something of your own. You can select a topic from the list or propose your own.

Submit your proposal on the DevOops website.

#advertising
🔥3👍2👏1
🔴 Cloud Run Security design overview

This article outlines the security features provided by Cloud Run, including automatic TLS encryption, secure communication between services, and integration with Cloud IAM for access control.

https://cloud.google.com/run/docs/securing/security

#gcp
👍2🔥2👏1
🔶 An AWS IAM Wishlist

A wishlist of AWS IAM feature requests: IAM Authorization Debugging, Mapping of API Calls/IAM Permissions/CloudTrail Events, SCP Audit Mode, SCP for Resources, and API Request Parameters as Condition Keys.

https://www.zeuscloud.io/post/an-aws-iam-wishlist

#aws
🔥3👍1👏1
🔶🔷 Manage multiple Terraform projects in monorepo

A look at one possible way to organize and manage a monorepo setup, which will contain multiple projects and Terraform modules, with deployments spanning across multiple targets such as AWS accounts or Azure subscriptions.

https://janik6n.net/posts/manage-multiple-terraform-projects-in-monorepo

#aws #azure
🔥2👍1😱1
🔴 Google I/O 2023: Making AI more helpful for everyone

A summary of what Google announced at Google I/O 2023.

https://blog.google/technology/ai/google-io-2023-keynote-sundar-pichai

#gcp
👍1🔥1😱1
🔶 Attacking and securing cloud identities in managed Kubernetes part 1: Amazon EKS

This post provides a deep dive into how Amazon EKS IAM works, and several attack vectors to pivot from an EKS cluster to an AWS environment.

https://securitylabs.datadoghq.com/articles/amazon-eks-attacking-securing-cloud-identities

#aws
🔥4👍1👏1
🔷 Understanding Azure logging capabilities in depth

Azure includes lots of great technologies that can be used for logging purposes. Currently, Microsoft is transitioning from the v1 method (MMA) to the v2 method using DCRs.

https://mortenknudsen.net/?p=1433

#azure
🔥2👍1😱1
🔶 Connecting Block Business Units with AWS API Gateway

How Block enables backend services to securely connect across business unit boundaries using AWS API Gateway.

https://developer.squareup.com/blog/connecting-block-business-units-with-aws-api-gateway/

(Use VPN to open from Russia)

#aws
👍3🔥1🤯1
🔴 Policy Controller dashboard: Now available for all Anthos and GKE environments

Policy Controller enforces programmable policies for Anthos clusters, which you can manage through the enhanced Policy Controller dashboard.

https://cloud.google.com/blog/products/containers-kubernetes/new-features-and-integrations-for-policy-controller-dashboard

#gcp
🔥4👍1👏1
🔶 Simplify the Investigation of AWS Security Findings with Amazon Detective

Detective now offers investigation support for findings in AWS Security Hub in addition to those detected by GuardDuty.

https://aws.amazon.com/ru/blogs/aws/new-simplify-the-investigation-of-aws-security-findings-with-amazon-detective

#aws
👍4🔥2👏1
🔷 Bridging the Security Gap: Mitigating Lateral Movement Risks from On-Premises to Cloud Environments

This blog post discusses lateral movement risks from on-prem to the cloud, explaining attacker TTPs, and outlining best practices for cloud builders and defenders to help secure their cloud environments and mitigate risk.

https://www.wiz.io/blog/lateral-movement-risks-in-the-cloud-and-how-to-prevent-them-part-4-from-compromis

#azure
🔥3👍1👏1
🔶 Unmasking GUI-Vil: Financially Motivated Cloud Threat Actor

This article describes the attack lifecycle and detection opportunities for a cloud-focused, financially motivated threat actor.

https://permiso.io/blog/s/unmasking-guivil-new-cloud-threat-actor

#aws
👍3🔥2🤔1
🔷 Tampering with Conditional Access Policies Using Azure AD Graph API

Modifications made using AADGraph are not properly logged, endangering integrity and non-repudiation of Azure AD policies.

https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

#azure
👍1🔥1👏1
🔶 Is Cloud Forensics just Log Analysis? Kind Of.

The article discusses the differences between traditional forensics and cloud forensics, highlighting the importance of understanding cloud-specific artifacts and logs.

https://www.cadosecurity.com/is-cloud-forensics-just-log-analysis-kind-of

#aws
👍4🔥2🤔1
🔶 AWS Lambda Function: IAM User Password Expiry Notice

Walk through the necessary steps to set up an AWS Lambda function to email notifications to IAM Users when their AWS Web Console passwords are expiring.

https://blog.jennasrunbooks.com/aws-lambda-function-iam-user-password-expiry-notice-ses-boto3-terraform

#aws
👍3🔥2🤔1
🔴 Google Trust Services ACME API available to all users at no cost

Google now offers general availability of Google Trust Services ACME endpoint allowing anyone to get TLS certificates for their websites for free.

https://security.googleblog.com/2023/05/google-trust-services-acme-api_0503894189.html

#gcp
👍5🔥1👏1
🔶 Misconfiguration Spotlight: Securing the EC2 Instance Metadata Service

A look at how the EC2 Instance Metadata Service can be taken advantage of.

https://securitylabs.datadoghq.com/articles/misconfiguration-spotlight-imds

#aws
👍4🔥1👏1