🥗 Appetizer

Hey folks,

We all know that AWS environments are a treasure trove for your business, but they can also be a playground for cyber threats if not monitored properly. That's why I'm stoked to announce our upcoming webinar: "Monitoring your AWS Environments for Security Events."

Whether you're a seasoned pro or new to the AWS game, this webinar will give you the lowdown on how to set up effective monitoring and alerting for your cloud resources. And here's the kicker: we're focusing on a  free and open-source tooling that you can deploy in minutes.

📋 Topics we're covering:

• Deploying a free and open-source tool for AWS security monitoring
• Essential metrics and alerts you shouldn't sleep on
• How to tailor your settings for max security with minimal hassle

🗓 Mark your calendar: Thursday, October 19th, 2023 09:00 AM MDT / 08:00 AM PDT / 11:00 AM EDT

Don't miss out on leveling up your AWS security game. Hit the link to save your spot.

Catch you there,

Victor

🍹 Monitor AWS Managed IAM Policies

Managed Policy changed since last week: 8

1. AWSAppMeshServiceRolePolicy
2. 🚩 AWSCloud9Administrator
3. AWSCloud9EnvironmentMember
4. 🚩 AWSCloud9User
5. 🚩 AWSGlueServiceNotebookRole
6. 🚩 AWSMigrationHubStrategyCollector
7. 🚩 AmazonECSServiceRolePolicy
8. 🚩 ReadOnlyAccess

Weekly diff
🤖 Powered by MAMIP | 🚩 Sensitive IAM Actions included

🥗 AWS Security Blog

• Now available: Building a scalable vulnerability management program on AWS
• New whitepaper available: Charting a path to stronger security with Zero Trust
• Use SAML with Amazon Cognito to support a multi-tenant application with a single user pool
• How AWS protects customers from DDoS events
• Delegating permission set management and account assignment in AWS IAM Identity Center
• PCI DSS v4.0 on AWS Compliance Guide now available

🧁 IAM Permission Changes

• support: 1 new action - 1 new action: DescribeCommunication (Grants permission to get a single communication and attachments for a single AWS Support case)
• lambda: 1 updated condition - 1 updated condition: lambda:CodeSigningConfigArn (type)
• iotfleetwise: 2 new actions - 2 new actions: GetEncryptionConfiguration (Grants permission to get KMS-based encryption status for the AWS account), PutEncryptionConfiguration (Grants permission to enable or disable KMS-based encryption for the AWS account)
• elasticfilesystem: 1 updated condition1 updated condition: elasticfilesystem:AccessPointArn (type)