📣 Sponsor

Cloud compliance doesn’t have to be so gloomy. With an out-of-the-box integration to AWS, Drata automatically collects and tests evidence—eliminating manual work.

See why 2,000+ AWS customers choose Drata to automate compliance for SOC 2, ISO 27001, GDPR, and 13 other frameworks. Joint customer, Superside, saves 1,500 hours a year by automating AWS compliance with Drata.

And now, AWS customers get 30% off their first Drata contract.

Book a demo today.

🥗 Appetizer

findmytakeover from @malprxctice detects dangling DNS record in a multi cloud environment.

It does this by scanning all the DNS zones and the infrastructure present within the configured cloud service provider either in a single account or multiple accounts and finding the DNS record for which the infrastructure behind it does not exist anymore rather than using wordlist.

It can easily detect and report potential subdomain takeovers that exist.

👀 Monitor AWS Managed IAM Policies

Policy changed since last week (5):

1. AWSGlueConsoleFullAccess
2. AmazonDataZonePreviewConsoleFullAccess
3. AmazonFSxConsoleFullAccess
4. AmazonFSxFullAccess
5. ReadOnlyAccess

Weekly diff

Powered by MAMIP

🍔 AWS API Changes

2023/07/13 - s3 - 5 updated api methods
Changes   S3 Inventory now supports Object Access Control List and Object Owner as available object metadata fields in inventory reports.