Monday, 15th May 2023
📣 Sponsor

ProwlerPro is the most comprehensive CSPM solution for Amazon Web Services (AWS). It is designed for teams responsible for security audits, assessments, compliance, incident response, and infrastructure hardening.

ProwlerPro helps organizations securely operate their cloud-based infrastructure by providing:
  • Automatic monitoring of cloud infrastructure for potential misconfigurations and vulnerabilities
  • Verification of compliance with key security and data protection frameworks
  • Comprehensive, easy to understand visualizations of your cloud infrastructure with the ability to filter and drill down to specific regions, accounts, services, issues and remediations
  • Remediations and hardening recommendations based on detected vulnerabilities and issues
  • Fast, easy, agentless installation and integration into common alerting platforms

Schedule Your ProwlerPro Demo Now.
🥗 Appetizer

This week is significant for ASD: it has been delivered to you through a new service provider, so I hope everything works as intended when you read this edition.

On the AWS front, my excitement waned when I discovered the announcement regarding the latest restriction on accessing the AWS console. Initially, it seemed fantastic that corporate environments would gain the ability to restrict access to their AWS consoles exclusively to the corporate office and remote CIDR (VPN).

However, it turns out that the purpose of this new feature is to address shadow IT by limiting access to the consoles of untrusted (personal) AWS accounts from corporate networks, and only for a limited set of AWS services.
📋 Menu of the week
  1. Private Access to the AWS Management Console is GA
  2. An AWS IAM Wishlist
  3. [Whitepaper] Introduction to Offensive Operations in AWS
👀 Monitor AWS Managed IAM Policies

Policies changed since last week (11):
  • AWSElasticBeanstalkService
  • AWSFinSpaceServiceRolePolicy
  • AWSManagedServicesDeploymentToolkitPolicy
  • AWSSupportPlansFullAccess
  • AmazonCodeGuruSecurityFullAccess
  • AmazonCodeGuruSecurityScanAccess
  • AmazonRedshiftServiceLinkedRolePolicy
  • AmazonSageMakerGeospatialExecutionRole
  • CloudwatchApplicationInsightsServiceLinkedRolePolicy
  • DynamoDBReplicationServiceRolePolicy
  • ReadOnlyAccess
Weekly diff
🍔 AWS API Changes

Amazon EMR - 3 updated methods
EMR Studio now supports programmatically executing Notebooks on an EMR on EKS cluster. In addition, notebooks can now be executed by specifying their location in S3.

Amazon Relational Database Service - 16 updated methods
Amazon Relational Database Service (RDS) updates for the new Aurora I/O-Optimized storage type for Amazon Aurora DB clusters

Amazon Simple Workflow Service - 1 updated method
This release adds a new API parameter to exclude old history events from decision tasks.
🍕 AWS Security Blog

  • A walk through AWS Verified Access policies
  • Detect threats to your data stored in RDS databases by using GuardDuty
  • Customer checklist for eIDAS regulation now available

📣 Sponsor

The Cloud Access Management Toolkit (CAMT) simplifies cloud security operations, enabling non-specialists to manage cloud API and data access.

It includes a simplified access model, an access analyzer, policy generators, and pre-built integrations. Integrations include monitoring dashboards, IaC libraries, and interfaces with IAM governance workflows.

This makes it possible for security to be everyone's responsibility and allows non-specialists to perform 90% of security operations.
🍓 IAM Permission Changes

quicksight: 13 new actions | 1 updated resource, 3 updated actions
May 12
13 new actions: CreateTopic (Grants permission to create a topic), CreateTopicRefreshSchedule (Grants permission to create a refresh schedule for a topic), DeleteTopic (Grants permission to delete a topic), DeleteTopicRefreshSchedule (Grants permission to delete a refresh schedule for a topic), DescribeTopic (Grants permission to describe a topic), DescribeTopicPermissions (Grants permission to …

aws-marketplace: 1 updated resource
May 12
1 updated resource: SellerDashboard (arn)

ssm: 2 updated actions
May 12
2 updated actions: StartChangeRequestExecution (conditions), StartAutomationExecution (conditions)
👾 r/aws

Juice - a software solution that makes GPUs network attached (GPU-over-IP). This means you can share GPUs across CPU-only instances, and compose instances fully customized on the fly...
juicelabs.co

Bots are eating up my S3 bill
So my S3 bucket has all its objects public, which means anyone with the right URL can access those objects, …

Private Access to the AWS Management Console is generally available
aws.amazon.com

Werner Vogels Blog: Monoliths are not dinosaurs
allthingsdistributed.com


🖊️ Don't miss out on AWSsec insights - stay ahead of the game by subscribing
📢 Gain visibility for your brand by sponsoring our content
💌 If you have any suggestions for future topics, let us know