SRE Weekly Issue #281 • 📖 [The CloudSecList] Issue 98 • [tl;dr sec] #94 - 10X Your SOC, Learn Cryptography
Monday 2 August, 2021
AWS Security Hub adds 10 new controls to its Foundational Security Best Practices standard for enhanced cloud security posture monitoring
Jul 30
AWS Security Hub has released 10 new controls for its Foundational Security Best Practices standard to enhance customers' cloud security posture monitoring. These controls conduct fully automated checks against security best practices for Amazon API Gateway (APIGateway.4), Amazon CloudFront (CloudFront.5, CloudFront.6), Amazon EC2 (EC2.17, EC2.18), Amazon Elastic Container Service (ECS.1), Amazon …
AWS Single Sign-On is now available in the Europe CDG (Paris) region
Jul 27
AWS Single Sign-On (SSO) is now available in the Europe (Paris) region. For a full list of the regions where AWS SSO is available, see the AWS Regional Services List.
AWS Single Sign-On is now available in the Europe (Paris) region
Jul 28
AWS Single Sign-On (SSO) is now available in the Europe (Paris) region. For a full list of the regions where AWS SSO is available, see the AWS Regional Services List.
AWS AppSync - 4 updated methods
Jul 30
AWS AppSync now supports a new authorization mode allowing you to define your own authorization logic using an AWS Lambda function.
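An added example of what such a Lambda authorizer receives and returns (illustrative code, not part of the AppSync announcement or the service's own samples). The event and response field names (authorizationToken, requestContext, isAuthorized, resolverContext, deniedFields, ttlOverride) are the AppSync Lambda authorizer contract; the HMAC token format, the AUTHZ_SIGNING_KEY variable, the reader/writer roles and the Mutation.createPost/deletePost field names are assumptions made for this example. The authorizer fails closed: any malformed, forged or expired token yields isAuthorized=false.

```python
"""Lambda authorizer for AWS AppSync (added example, not AWS's code).

Token format, signing-key variable and role model are assumptions for the example;
the event/response shape is the AppSync Lambda authorizer contract.
"""
import base64
import hashlib
import hmac
import os
import time

# Assumed: the signing key is provisioned as an environment variable. The fixed
# fallback exists only so the example runs stand-alone; never ship a default key.
SIGNING_KEY = os.environ.get("AUTHZ_SIGNING_KEY", "example-only-do-not-use").encode()

# Assumed role model. deniedFields uses AppSync's short form "TypeName.fieldName";
# AppSync forces those fields to null even if a resolver returns data for them.
ROLE_DENIED_FIELDS = {
    "reader": ["Mutation.createPost", "Mutation.deletePost"],
    "writer": [],
}


def _sign(payload: bytes) -> str:
    return hmac.new(SIGNING_KEY, payload, hashlib.sha256).hexdigest()


def mint_token(subject: str, role: str, ttl_seconds: int = 300, now=None) -> str:
    """Issue 'base64url(subject:role:expiry).hexhmac' (constructed format)."""
    now = int(time.time()) if now is None else now
    payload = f"{subject}:{role}:{now + ttl_seconds}".encode()
    body = base64.urlsafe_b64encode(payload).decode().rstrip("=")
    return f"{body}.{_sign(payload)}"


def verify_token(token: str, now: int):
    """Return (subject, role, expiry) for a valid, unexpired token, else None."""
    try:
        body, sig = token.split(".", 1)
        payload = base64.urlsafe_b64decode(body + "=" * (-len(body) % 4))
        # Constant-time compare so a forged tag cannot be guessed byte by byte.
        if not hmac.compare_digest(_sign(payload), sig):
            return None
        subject, role, exp = payload.decode().split(":")
        if int(exp) <= now or role not in ROLE_DENIED_FIELDS:
            return None
        return subject, role, int(exp)
    except (ValueError, UnicodeDecodeError):
        return None


def authorize(event: dict, now=None) -> dict:
    """Build the AppSync authorizer response from the Lambda event."""
    now = int(time.time()) if now is None else now
    claims = verify_token(event.get("authorizationToken", ""), now)
    if claims is None:
        # Denial needs only isAuthorized=false; AppSync returns Unauthorized.
        return {"isAuthorized": False}
    subject, role, exp = claims
    ctx = event.get("requestContext", {})
    return {
        "isAuthorized": True,
        # Flat string map, exposed to resolvers as $ctx.identity.resolverContext.
        "resolverContext": {
            "subject": subject,
            "role": role,
            "operation": str(ctx.get("operationName") or ""),
        },
        "deniedFields": ROLE_DENIED_FIELDS[role],
        # Cache the decision no longer than the token stays valid (AppSync caps at 3600 s).
        "ttlOverride": max(0, min(exp - now, 3600)),
    }


def handler(event, context):
    """Lambda entry point."""
    return authorize(event)
```

AppSync caches the response per token for ttlOverride seconds, so a revoked user keeps access until that window lapses; binding the TTL to the token's remaining lifetime keeps that window bounded. Field-level denial happens after the resolver runs, so deniedFields limits what the caller sees, not what the resolver does.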
Amazon SageMaker Service - 9 updated methods
Jul 30
API changes with respect to Lambda steps in model-building pipelines. Adds several waiters to asynchronous SageMaker Image APIs. Adds more instance types to the AppInstanceType field.
AWS Secrets Manager - 1 updated method
Jul 30
Adds support for KmsKeyIds in the ListSecretVersionIds API response.
Amazon Chime - 2 new methods
Jul 29
Adds support for live transcription of meetings with Amazon Transcribe and Amazon Transcribe Medical. The new APIs, StartMeetingTranscription and StopMeetingTranscription, control the generation of user-attributed transcriptions sent to meeting clients via Amazon Chime SDK data messages.
Spring 2021 PCI DSS report now available with nine services added in scope
Michael Oyeniya
Jul 29
We’re continuing to expand the scope of our assurance programs at Amazon Web Services (AWS) and are pleased to announce that nine new services have been added to the scope of our Payment Card Industry Data Security Standard (PCI DSS) certification. This provides our customers with more options to process …
Five reasons why I’m excited to attend AWS re:Inforce 2021 in Houston, TX
Clarke Rodgers
Jul 29
You may have seen the recent invitation from Stephen Schmidt, Chief Information Security Officer (CISO) at Amazon Web Services, to join us at AWS re:Inforce in Houston, TX on August 24 and 25. I’d like to dive a little bit deeper into WHY you should attend and HOW to make the …
New 2021 H1 IRAP report is now available on AWS Artifact for Australian customers
Clara Lim
Jul 27
We are excited to announce that an additional 15 AWS services are now assessed to be in scope for the Information Security Registered Assessors Program (IRAP) after a successful incremental audit completed in June 2021 by an independent ASD (Australian Signals Directorate) certified IRAP assessor. This brings the total to 112 services …
Strengthen the security of sensitive data stored in Amazon S3 by using additional AWS services
Jerry Mullis
Jul 26
In this post, we describe the AWS services that you can use to both detect and protect your data stored in Amazon Simple Storage Service (Amazon S3). When you analyze security in depth for your Amazon S3 storage, consider doing the following: Audit and restrict Amazon S3 access with AWS …
Clint Gibler @clintgibler

🛡️ Google whitepaper: How to build a 10X SOC

* Solidify the basics; don’t hunt before you can detect well
* Aim to spend 50% time automating
* Continuously monitor all new assets
* Detection as code, SOAR

By @ImanGhanizada & @anton_chuvakin #BlueTeam

services.google.com/fh/files/misc/…

Clint Gibler @clintgibler

🔭 New tool: crossfeed by @CISAgov

Continuously enumerates and monitors your organization's public-facing attack surface in order to discover assets and flag potential security flaws

List of data sources:
docs.crossfeed.cyber.dhs.gov/user-guide/pro…

#osint #recon

github.com/cisagov/crossf…

Scott Piper @0xdabbad00

I tried using IAM Access Analyzer to validate some resource policies. All of my SNS policies had errors. Turns out SNS:Receive, which is added by default, is not a valid privilege.

Kinnaird McQuade💥☁️ @kmcquade3

🔥🔥 Metabadger addresses a HUGE gap in cloud security tooling. No other tool does this.

You can prevent Server Side Request Forgery (SSRF) by upgrading to IMDSv2, but upgrading your existing EC2 instances to use the service can be tedious

Metabadger upgrades them automagically

Ashish Patel @_ashishpatel

🦡✨🛠️ Excited to announce Metabadger - a tool to help prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2). Huge thanks to @salesforce and @kmcquade3 for the support in bringing this to life

github.com/salesforce/met…
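The check that the two Metabadger tweets above describe, as an added example (not Metabadger's own code): walk the account's instances, flag those whose metadata service still answers token-less IMDSv1 requests, and build the call that enforces IMDSv2 on them. The describe_instances and modify_instance_metadata_options operations and the MetadataOptions fields are the real EC2 API; the instance IDs and the SAMPLE_RESERVATIONS inventory are constructed for this example.

```python
"""Find EC2 instances that still accept IMDSv1 and enforce IMDSv2 (added example).

The EC2 calls and MetadataOptions fields are the real API; the sample inventory
and instance IDs below are constructed for illustration.
"""
from typing import Iterable, List


def needs_imdsv2(instance: dict) -> bool:
    """True when the instance serves metadata and still honours token-less (v1) GETs.

    Requiring tokens is what blocks SSRF: a forwarded GET cannot first PUT to
    /latest/api/token and attach the X-aws-ec2-metadata-token header.
    Missing MetadataOptions is treated as unknown and therefore flagged."""
    opts = instance.get("MetadataOptions", {})
    if opts.get("HttpEndpoint") == "disabled":
        return False  # IMDS is off entirely; nothing reachable to harden
    return opts.get("HttpTokens") != "required"


def instances_to_upgrade(reservations: Iterable[dict]) -> List[str]:
    """Walk the describe_instances() response shape and return instance IDs that
    still allow IMDSv1, skipping terminated instances (they cannot be modified)."""
    targets = []
    for reservation in reservations:
        for inst in reservation.get("Instances", []):
            if inst.get("State", {}).get("Name") == "terminated":
                continue
            if needs_imdsv2(inst):
                targets.append(inst["InstanceId"])
    return targets


def upgrade_params(instance_id: str, hop_limit: int = 1) -> dict:
    """Keyword arguments for ec2.modify_instance_metadata_options().

    HttpTokens=required enforces v2. A hop limit of 1 keeps the token response
    inside the instance; raise it to 2 for workloads in containers that must
    reach IMDS through an extra network hop."""
    return {
        "InstanceId": instance_id,
        "HttpTokens": "required",
        "HttpEndpoint": "enabled",
        "HttpPutResponseHopLimit": hop_limit,
    }


def enforce(region: str, dry_run: bool = True) -> List[str]:
    """Live run against one region. boto3 is imported here so the pure
    functions above stay usable offline; returns the instance IDs selected."""
    import boto3  # assumed available in the environment that runs this live

    ec2 = boto3.client("ec2", region_name=region)
    reservations = []
    for page in ec2.get_paginator("describe_instances").paginate():
        reservations.extend(page["Reservations"])
    targets = instances_to_upgrade(reservations)
    if not dry_run:
        for instance_id in targets:
            ec2.modify_instance_metadata_options(**upgrade_params(instance_id))
    return targets


# Constructed sample in the shape describe_instances() returns.
SAMPLE_RESERVATIONS = [
    {"Instances": [
        {"InstanceId": "i-0aaa", "State": {"Name": "running"},
         "MetadataOptions": {"HttpEndpoint": "enabled", "HttpTokens": "optional",
                             "HttpPutResponseHopLimit": 1}},
        {"InstanceId": "i-0bbb", "State": {"Name": "running"},
         "MetadataOptions": {"HttpEndpoint": "enabled", "HttpTokens": "required",
                             "HttpPutResponseHopLimit": 1}},
        {"InstanceId": "i-0ccc", "State": {"Name": "stopped"},
         "MetadataOptions": {"HttpEndpoint": "disabled", "HttpTokens": "optional",
                             "HttpPutResponseHopLimit": 1}},
        {"InstanceId": "i-0ddd", "State": {"Name": "terminated"},
         "MetadataOptions": {"HttpEndpoint": "enabled", "HttpTokens": "optional",
                             "HttpPutResponseHopLimit": 1}},
    ]},
]

if __name__ == "__main__":
    for instance_id in instances_to_upgrade(SAMPLE_RESERVATIONS):
        print(instance_id, upgrade_params(instance_id))
```

The tedious part the tweets refer to is not the API call but the blast radius: anything on the instance that still calls IMDS without a token (old SDKs, home-grown curl scripts, agents) breaks the moment HttpTokens flips to required. Check the per-instance CloudWatch metric MetadataNoToken first; a non-zero count means a v1 caller is still present, and the dry-run list above tells you which instances to investigate before enforcing.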

Chris Farris @jcfarris

Who all will be at AWS re:Inforce? I'll be speaking on upping your detection game via Adversarial Simulation in the cloud-plane with @amcabee13 and @CyberScimitar TDR303

Aidan W Steele @__steele

A while ago I tweeted about @steampipeio. It's a very cool tool for querying an AWS environment (and a bunch of other cloudy things)

v0.7 came out this week and added a feature I requested back then: querying across multiple accounts and regions 🤩
steampipe.io/blog/release-0…

Aidan W Steele @__steele

aws.amazon.com/about-aws/what…

This is a really nice improvement. Use a virtual bucket name for software that doesn’t support access points

Chris Farris @jcfarris

So I've been saying "The Cloud is Dark and Full of Terrors" for years now, but 2-Oct at @BSidesAugusta , I'm actually giving it as a talk where we'll dive into common cloud security issues and how to demonstrate them to developers bsidesaugusta2021.busyconf.com/activities/60e… #bsidesaugusta

Ian Mckay @iann0036

This one is pretty interesting. I believe this is the first time S3 have carved out a chunk of the global namespace (that is, anything ending in `-s3alias`) for a specific purpose.

Paul Meighan @paulmeighan

Launch day!

Amazon S3 Access Points aliases allow any application that requires an S3 bucket name to easily use an access point.

Super excited for this one.

aws.amazon.com/about-aws/what…

Brigid Johnson @bjohnso5y

So...this is not the same as riding a horse 🏇. Tons of fun on the lake today! #vacationvibes

Misconfigurations & poor permissions still remain among the top cloud security threats

I recently wrote an article in ItProPortal looking at the largest cloud data breaches based on research I published in June. One of the surprising lessons that keeps playing out is that cloud systems and databases like S3 and Elasticsearch are extremely easy to expose, and when exposed (even …
