Security Newsletter - GPT to help out in security matters. Exchange will block mail from vulnerable on-prem servers. Ultrasound control over digital assistants. • AWS Notification Message • [tl;dr sec] #175 - The Future of Security Engineering, Awesome Kubernetes Threat Detection • AWS Notification Message • Auto Scaling - 10 updated methods • AWS Batch - 1 updated methods • AWS Compute Optimizer - 4 updated methods • Simplify web app authentication: A guide to AD FS federation with Amazon Cognito user pools • Gain insights and knowledge at AWS re:Inforce 2023 • The National Intelligence Center of Spain and AWS collaborate to promote public sector cybersecurity • How to use Amazon GuardDuty and AWS WAF v2 to automatically block suspicious hosts • guardduty: 3 new actions • finspace: 1 updated condition • applicationinsights: 1 new action • Exploring Amazon VPC Lattice – One Cloud Please • RFC: AppSync abstraction for SAM · aws/serverless-application-model · Discussion #3075 • 😈 Fun with SSRF - Turning the Kubernetes API Server into a port scanner <a href="https://twitter.com/raesene" target="_blank">@raesene</a> shows how to leverage existing functionality on <a href="https://twitter.com/hashtag/Kubernetes" target="_blank">#Kubernetes</a> to perform scans from the API server using validating admission webhooks 🛠️ PoC <a href="https://t.co/OxkeUgeeus" target="_blank">github.com/raesene/k8s_ss…</a> <a href="https://t.co/KPorUqEZRe" target="_blank">raesene.github.io/blog/2023/01/0…</a> • 🔎 awesome-detection-rules A collection of threat detection rules / rules engines, including: * Yara * Sigma * Falco * Zeek * Snort/Suricata * Splunk + more By <a href="https://twitter.com/jason_trost" target="_blank">@jason_trost</a> <a href="https://twitter.com/hashtag/infosec" target="_blank">#infosec</a> <a href="https://twitter.com/hashtag/blueteam" target="_blank">#blueteam</a> <a href="https://t.co/HAsBQKkeWn" target="_blank">github.com/jatrost/awesom…</a> • Gross. Unverify us you coward. • Check out my new post on the newly GA'd <a href="https://twitter.com/hashtag/AWS" target="_blank">#AWS</a> <a href="https://twitter.com/hashtag/Amazon" target="_blank">#Amazon</a> VPC Lattice service! 📝🌐 <a href="https://t.co/jlP5SNzpzG" target="_blank">onecloudplease.com/blog/exploring…</a> • TIL that Go Lambda functions now have a nice way to perform cleanup without ugly workarounds. • 🪣"practical guidance for your AWS security program": <a href="https://t.co/sSx2zJEG7U" target="_blank">ramimac.me/s3-logging</a> 🪣 This time, we're tackling S3 Logging! As one of the foundational services, I expected "best practices for s3 logging" to be well established. I was disappointed ... • To answer <a href="https://twitter.com/QuinnyPig" target="_blank">@QuinnyPig</a>'s question: I implemented something like this, and I want to implement it again. IMO, enriched VPC flow logs are an untapped source of extremely valuable data. I just don't have access to realistic training data and need help. Blog: <a href="https://t.co/yef7Lh6N8W" target="_blank">awsteele.com/blog/2021/05/1…</a> • New research from <a href="https://twitter.com/wiz_io" target="_blank">@wiz_io</a>! Customers with the misconfiguration identified will need to take action! • I have a feeling every single person in the room with Elon when he made this pricing decision knew it would be met with the Arrested Development banana meme, but was too afraid to speak up • Amazon Fights Oregon Clean Energy Bill • Aws reps keep pushing a specific vendor on me • Amazon VPC Lattice now GA! • TLS 1.3 with ELB and ALB: The Wait is Over! • Elastic Unveils Advanced Cloud Security Solutions for AWS Users - Read IT Quik • Elastic Unfurls Cloud Security Platform for AWS - Security Boulevard