🔶👩💻 Unmasking Adversary Cloud Defense Evasion Strategies: Modify Cloud Compute Infrastructure Part 2
To prevent abuse of the Snapshot Creation, Instance Creation and Instance Deletion features within cloud environments, security teams and cyber-defenders must ensure that proper monitoring and logging services are enabled across all cloud providers they utilize.
https://permiso.io/blog/unmasking-adversary-cloud-defense-evasion-strategies-modify-cloud-compute-infrastructure-part-2-detections-and-mitigations
#aws #azure
🔶 Tactical Cloud Audit Log Analysis with DuckDB
Using DuckDB to query Cloud Provider audit logs when you don't have a SIEM available.
https://dev.to/aws-builders/tactical-cloud-audit-log-analysis-with-duckdb-aws-cloudtrail-2amk
#aws
🔶 The Best Way to Start with AWS Security Hub
AWS Security Hub is an awesome tool for creating a native, organization-wide security feed. Learn how to set it up right from the start, for the lowest cost.
https://slaw.securosis.com/p/best-way-start-aws-security-hub
#aws
🔶 AWS Cloud Incident Analysis Query Cheatsheet
A cheatsheet for analyzing AWS cloud incidents using CloudTrail with AWS Athena.
https://securosis.com/blog/aws-cloud-incident-analysis-query-cheatsheet/
#aws
🔴 Holes in Your Bitbucket: Why Your CI/CD Pipeline Is Leaking Secrets
Bitbucket Secured Variables can be leaked in your pipeline and expose you to security breaches.
https://cloud.google.com/blog/topics/threat-intelligence/bitbucket-pipeline-leaking-secrets
#gcp
🔶 Non-Production Endpoints as an Attack Surface in AWS
Two new archetypes for bypassing AWS CloudTrail through certain non-production endpoints with API actions that access account-level information and through API calls which generate multiple events in CloudTrail.
https://securitylabs.datadoghq.com/articles/non-production-endpoints-as-an-attack-surface-in-aws/
#aws
🔶 Publicly Exposed AWS Document DB Snapshots
Post detailing the research around DocumentDB, and a deep dive on a public exposure impacting millions of customers of a publicly traded company.
https://ramimac.me/exposed-docdb
#aws
🔴 What's new for the Google Cloud global front end for web delivery and protection
A deeper look at how the global front end solution improves the performance, protection, and scalability of internet-facing web services.
https://cloud.google.com/blog/products/networking/recent-enhancements-to-the-global-front-end-solution/
#gcp
🔶 How Parametric Built Audit Surveillance using AWS Data Lake Architecture
How Parametric implemented their Audit Surveillance Data Lake on AWS with purpose-built fully managed analytics services. With this solution, Parametric was able to respond to various audit requests within hours rather than days or weeks.
https://aws.amazon.com/ru/blogs/architecture/how-parametric-built-audit-surveillance-using-aws-data-lake-architecture/
#aws
🔶 Accelerate incident response with Amazon Security Lake
The first of a two-part series that will demonstrate the value of Amazon Security Lake and how you can use it and other resources to accelerate your incident response (IR) capabilities.
https://aws.amazon.com/ru/blogs/security/accelerate-incident-response-with-amazon-security-lake/
#aws
🔶 Things you wish you didn't need to know about S3
S3 is weirder than you think. Make sure you know all the quirks before they turn into vulnerabilities in your AWS infrastructure.
https://blog.plerion.com/things-you-wish-you-didnt-need-to-know-about-s3/
#aws
🔶 Amazon CloudWatch Logs announces Live Tail streaming CLI support
You can now view your logs interactively in real-time as they're ingested via AWS CLI or programmatically within your own custom dashboards inside or outside of AWS.
https://aws.amazon.com/ru/about-aws/whats-new/2024/06/amazon-cloudwatch-logs-announces-live-tail-streaming-cli-support/
#aws
🔶 sustainability-scanner
Validate AWS CloudFormation templates against AWS Well-Architected Sustainability Pillar best practices.
https://github.com/awslabs/sustainability-scanner
#aws
Azure Red Team tool for graphing Azure and Azure Active Directory objects.
https://github.com/Azure/Stormspotter
#azure
🔴 prel
An application that temporarily assigns Google Cloud IAM Roles and includes an approval process.
https://github.com/lirlia/prel
#gcp
🔶 How to securely transfer files with presigned URLs
Best practices for generating and distributing presigned URLs, security considerations, and recommendations for monitoring usage and access patterns.
https://aws.amazon.com/ru/blogs/security/how-to-securely-transfer-files-with-presigned-urls/
#aws
🔴 How you can build a FedRAMP High-compliant network with Assured Workloads
Several best practices for securely deploying a network architecture that aligns with FedRAMP High.
https://cloud.google.com/blog/products/identity-security/how-you-can-build-a-fedramp-high-compliant-network-with-assured-workloads/
#gcp
🔶 Simplify risk and compliance assessments with the new common control library in AWS Audit Manager
Audit Manager introduces a common control library that provides common controls with predefined and pre-mapped AWS data sources.
https://aws.amazon.com/ru/blogs/aws/simplify-risk-and-compliance-assessments-with-the-new-common-control-library-in-aws-audit-manager/
#aws
🔴 Introducing GKE Compliance: Maintain clusters and workloads against industry standards
Google announced built-in, fully managed GKE Compliance within GKE posture management.
https://cloud.google.com/blog/products/containers-kubernetes/gke-compliance-reports-on-cluster-and-workload-posture/
#gcp
🔶 Simplify AWS CloudTrail log analysis with natural language query generation in CloudTrail Lake
Streamline compliance and security analysis using natural language query generation. Ask questions like "What errors occurred last month?" and get ready-to-run SQL queries tailored to your needs - no technical expertise required.
https://aws.amazon.com/ru/blogs/aws/simplify-aws-cloudtrail-log-analysis-with-natural-language-query-generation-in-cloudtrail-lake-preview/
(Use VPN to open from Russia)
#aws
🔶 Tales from the cloud trenches: Raiding for AWS vaults, buckets and secrets
Post exploring a campaign targeting AWS Secrets Manager, AWS S3 and AWS S3 Glacier.
https://securitylabs.datadoghq.com/articles/tales-from-the-cloud-trenches-raiding-for-vaults-buckets-secrets/
#aws