Issue #133
Monday · December 04, 2023
🥖 Palate Cleanser
Hey Folks, hope you're doing well! I've had my nose buried in all sorts of articles, blog posts, and updates in the AWS Security universe so that you can skip the heavy lifting.
Here's a roundup of the juiciest stuff you need to know this week. First up, let's get into an eye-opening piece on Security Hub by Chris Farris. Trust me, you'll want to hear the key takeaways:
- Misleading Metrics & Dashboards: Security Hub may present metrics and dashboards that don't accurately reflect the security posture. They often lean towards compliance rather than assessing real risks, causing both misalignment and tension between engineering and security teams.
- Cost Underestimation: While Security Hub might seem cost-effective initially, the total cost can escalate when combined with AWS Config and other associated services. The pricing structure can be confusing, causing budgeting issues.
- Configuration Challenges: Despite features like Delegated Admin and Region Aggregation, disabling specific controls or customizing findings is far from straightforward. You'll need to dive into each account and region, making configuration and management cumbersome.
See the full article below.
Victor
📋 Chef's selections
🍛 Reddit threads on r/aws
- Is it possible to truly delete something from S3?
- Recommend me companies doing AWS account security reviews please
- What is the "correct" way to manage authentication state with Cognito (React)
- Could anyone share some resources to test against security best practices for S3, RedShit, RDS and IAM?
- Best Practices for Cognito Authentication in CLI
- Unlocking AWS Power for Microservices: A Guide to IAM Roles for Service Accounts (IRSA)
- API gateway auth for service to service calls?
- Developer experience when using Cloudfront signed cookies
- Cross account policy capability
- Cheapest IDS for VPC port mirroring?
- Aws inspector - libwebp vuln
- AWS Cognito User Pool: Verify User Server-Side
- Can't create new MFA virtual device for IAM user
- Afraid of HUGE Bill
- How do I tell my website that a user is logged in?
🍪 API changes
- Amazon Elastic Compute Cloud - 6 updated methods - The release includes AWS Verified Access support for FIPS compliance in North America regions
- AWS WAFV2 - 11 updated methods - You can now perform an exact match against the web request's JA3 fingerprint.
- Amazon QuickSight - 3 updated methods - Added ability to tag users upon creation.