‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌

Monday,
March 11, 2024

Time to read: 3 minutes

📣️ Transform Your AWS Security Landscape with Prowler SaaS (Sponsor)

Unlock unparalleled visibility and control over your AWS security posture with Prowler SaaS. Our platform goes beyond traditional security measures to provide:

In-depth Analysis: Dive deep into your AWS environment to uncover and prioritize vulnerabilities with precision.
Actionable Intelligence: Equip your team with the insights needed to fortify your cloud infrastructure against the latest threats.
Effortless Compliance: Navigate the complexities of compliance with our automated tools, ensuring your AWS resources meet industry standards.

Join the ranks of organizations that trust Prowler for comprehensive cloud security. Experience the difference with a free trial and take the first step towards a more secure and resilient AWS environment.

👨🏼‍🍳 Appetizer

Welcome to this week's edition of our AWS Security Digest, fresh from the kitchen on this bright Monday.

Just like preparing a gourmet meal, securing your AWS environment requires the right blend of ingredients, techniques, and, of course, a secret sauce.

Our newsletter is your weekly recipe for mastering AWS security, packed with everything you need in bite-sized portions that you can consume at your pace.

Bon Appetit!
Victor

📋 Chef's Weekly selections

🍹 Monitor AWS Managed IAM Policies

Managed Policy changed since last week: 5

Weekly diff
🤖 Powered by MAMIP | 🚩 Sensitive IAM Actions included

🍔 AWS API Changes

🥣 Secret Sauce

Each week, we'll showcase your top AWS insights, focusing on AWS Security tricks and tips. Got a cool command-line hack, a clever console maneuver, or an awesome open-source tool? Send us your best tips for a shot at being featured in our upcoming issues.

Identify EC2 instances with public IP addresses to minimize the risk of exposing sensitive services. Filter instances based on their network interface attributes.

aws ec2 describe-instances --query "Reservations[].Instances[?PublicIpAddress!=null].[InstanceId,PublicIpAddress]" --output text

📣 AWS Security Best Practices (Sponsor)

Rampant cloud usage requires an advanced security playbook. Wiz put together these AWS security best practices from leading cloud security orgs.

Benchmark your strategy and improve your security posture across your AWS footprint with:

Techniques to enforce least privilege across all identities
How to limit uncontrolled exposure of sensitive assets
Playbooks to extend protection of Kubernetes clusters (EKS)
Plus critical recommendations by resource type (IAM, S3, Cloudtrail)

All of these advanced best practices for AWS are compiled in this checklist.

🥗 AWS Security Blog

🧁 IAM Permission Changes

☕︎ CloudFormation Updates

🍪 Amazon Linux CVEs

This section will show you the latest (Important and Critical) CVEs on Amazon Linux.

Amazon Linux 2

ALASECS-2024-035 (important): containerd - CVE-2023-39325, CVE-2023-39326, CVE-2023-3978, CVE-2023-47108

👾 r/aws

🗯️ Enjoying our updates? Share your thoughts!

☆ ☆ ☆ ☆ ☆

🖊️ stay ahead of the game by subscribing

📢 Gain visibility for your brand by sponsoring our content

💌 If you have any suggestions for future topics, let us know