• SRE Weekly Issue #286
• 📖 [The CloudSecList] Issue 103
• [tl;dr sec] #99 - Grow Employees or Lose Them, Advantage: Defense
• ACM Private CA now supports the Online Certificate Status Protocol (OCSP)
• AWS Firewall Manager now supports AWS WAF log filtering
• AWS Certificate Manager Private Certificate Authority - 4 updated methods
• Amazon Elastic File System - 2 updated methods
• Amazon FSx - 9 new, 7 updated methods
• Amazon Lex Model Building Service - 9 updated methods
• How US federal agencies can authenticate to AWS with multi-factor authentication
• Top 10 security best practices for securing data in Amazon S3
• How to improve visibility into AWS WAF with anomaly detection
• Ransomware mitigation: Top 5 protections and recovery preparation actions
• route53resolver: 3 updated actions
• cloud9: 14 new actions | 3 updated actions
• ssm: 1 updated resource | 1 removed condition
• sagemaker: 1 new action
• New for AWS CloudFormation – Quickly Retry Stack Operations from the Point of Failure
• Internal Amazon documents shed light on how company pressures out 6% of office workers (2021)
• Outage
• Congrats to /r/aws for hitting 180k members
• Amazon Managed Grafana Is Now Generally Available with direct SSO, SAP, Jira and V8 updates
• SSH Lateral Movement Cheat Sheet
• Replay-based attack on Honda and Acura vehicles
• Open Source CSPMs?
• Genuine AWS-Certified-Security-Specialty PDF Dumps - Suggested by Pros - The African Exponent
• AWS targets continuous security compliance with new service for NZ government - Reseller News
• Caveonix Announces Integration with AWS Security Hub - Business Wire
Monday, September 6, 2021

ACM Private CA now supports the Online Certificate Status Protocol (OCSP)
Sep 3
AWS Certificate Manager (ACM) Private Certificate Authority (CA) announces the availability of Online Certificate Status Protocol (OCSP) for distributing certificate revocation information. When establishing an encrypted TLS connection, endpoints can use OCSP to query, in near real time, whether a certificate has been revoked, thus alerting the endpoint that the …
AWS Firewall Manager now supports AWS WAF log filtering
Sep 1
AWS Firewall Manager now enables security administrators to specify which web requests to log and which requests to exclude from logs when using AWS WAF to inspect web traffic. If you use Firewall Manager security policies to centralize AWS WAF logging, you can now log only the information you want …
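What such a filter looks like on the web ACL itself, as an added example that is not from the announcement: this is the input to the AWS WAFv2 PutLoggingConfiguration API, which is the shape Firewall Manager ends up applying to every web ACL in a policy's scope (the Firewall Manager policy JSON that carries it is not reproduced here). The account, region, web ACL ID and log group name are placeholders. The default behaviour drops records, and the single filter keeps any request that was blocked or that matched a rule running in count mode:

```json
{
  "LoggingConfiguration": {
    "ResourceArn": "arn:aws:wafv2:us-east-1:123456789012:regional/webacl/example-acl/11111111-2222-3333-4444-555555555555",
    "LogDestinationConfigs": [
      "arn:aws:logs:us-east-1:123456789012:log-group:aws-waf-logs-example"
    ],
    "LoggingFilter": {
      "DefaultBehavior": "DROP",
      "Filters": [
        {
          "Behavior": "KEEP",
          "Requirement": "MEETS_ANY",
          "Conditions": [
            { "ActionCondition": { "Action": "BLOCK" } },
            { "ActionCondition": { "Action": "COUNT" } }
          ]
        }
      ]
    }
  }
}
```

Apply it with aws wafv2 put-logging-configuration --cli-input-json file://logging.json and read it back with get-logging-configuration (a CloudWatch Logs destination must be named with the aws-waf-logs- prefix or the call is rejected). The caveat a defender should weigh before copying this: every request that was simply allowed disappears from the logs, so an investigation cannot reconstruct what a client did in the minutes before a rule fired, and any baseline built from the logs sees only rule hits. The CloudWatch metrics for the web ACL are unaffected by log filtering, which is why metric-based anomaly detection still works with a filter like this in place.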
AWS Certificate Manager Private Certificate Authority - 4 updated methods
Sep 2
Private Certificate Authority Service now allows customers to enable an online certificate status protocol (OCSP) responder service on their private certificate authorities. Customers can also optionally configure a custom CNAME for their OCSP responder.
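The two OCSP items above describe the service side. What follows is an added example, not AWS or ACM code, of the whole exchange done offline with the openssl CLI so that the moving parts are visible: a throwaway CA, a leaf certificate whose AIA extension names the responder (the URL a custom responder CNAME would point at), a request built by the client, a signed response from a responder that reads the CA's database, and the client verifying that response before believing the status it carries. The CA, names, serial number and responder URL are assumptions of this example, and signing responses directly with the CA key is a simplification; a delegated responder certificate is the usual production setup.

```shell
#!/bin/sh
# Added example (not AWS code): a complete OCSP round trip done offline with
# the openssl CLI. The CA, names, serial and responder URL are assumptions.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
cd "$WORK"

# A throwaway private CA and one leaf certificate issued by it (serial 0x1001).
openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
  -subj "/CN=Example Private CA" -keyout ca.key -out ca.pem >/dev/null 2>&1
openssl req -newkey rsa:2048 -nodes -subj "/CN=service.internal" \
  -keyout leaf.key -out leaf.csr >/dev/null 2>&1
# The AIA extension is where a TLS client learns which responder to ask;
# a custom responder hostname would appear here. The URL is made up.
printf 'authorityInfoAccess = OCSP;URI:http://ocsp.example.internal\n' > leaf.ext
openssl x509 -req -in leaf.csr -CA ca.pem -CAkey ca.key -set_serial 0x1001 \
  -days 30 -extfile leaf.ext -out leaf.pem >/dev/null 2>&1

# What a client reads out of the certificate before it can ask anyone anything.
ocsp_responder_uri() {
  openssl x509 -in leaf.pem -noout -ocsp_uri
}

# $1 is the status letter the CA database records for serial 0x1001:
# "V" (valid) or "R" (revoked). Prints the status the OCSP client concludes.
ocsp_status_for() {
  case "$1" in
    V) printf 'V\t330101000000Z\t\t1001\tunknown\t/CN=service.internal\n' > index.txt ;;
    R) printf 'R\t330101000000Z\t210906000000Z,keyCompromise\t1001\tunknown\t/CN=service.internal\n' > index.txt ;;
    *) echo "usage: ocsp_status_for V|R" >&2; return 2 ;;
  esac

  # Client: build the request. A CertID is the issuer-name hash, the
  # issuer-key hash and the serial number; the certificate itself is not sent.
  openssl ocsp -issuer ca.pem -cert leaf.pem -no_nonce -reqout req.der >/dev/null 2>&1

  # Responder: look the serial up in the CA database and sign the answer.
  openssl ocsp -index index.txt -CA ca.pem -rsigner ca.pem -rkey ca.key \
    -noverify -no_nonce -reqin req.der -respout resp.der >/dev/null 2>&1

  # Client: verify the response signature against the trusted CA before
  # trusting the status inside it. openssl prints the status even when the
  # signature check fails, so the "Response verify OK" line is checked here.
  out=$(openssl ocsp -respin resp.der -issuer ca.pem -cert leaf.pem \
        -CAfile ca.pem -no_nonce 2>&1) || true
  case "$out" in
    *"Response verify OK"*) ;;
    *) echo "OCSP response did not verify:" >&2; printf '%s\n' "$out" >&2; return 1 ;;
  esac
  printf '%s\n' "$out" | awk '$1 == "leaf.pem:" { print $2 }'
}
```

Run it and then call ocsp_status_for V and ocsp_status_for R; the only difference between the two answers is one line in index.txt, which is all a revocation is from the responder's point of view. Two things carry over to real clients: the status is meaningless until the response signature verifies against a trusted issuer, and a responder that has never heard of a serial answers unknown rather than good, so a client must not treat unknown as good.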
Amazon Elastic File System - 2 updated methods
Sep 2
Adds support for EFS Intelligent-Tiering, which uses EFS Lifecycle Management to monitor file access patterns and is designed to automatically transition files to and from your corresponding Infrequent Access (IA) storage classes.
Amazon FSx - 9 new, 7 updated methods
Sep 2
Announcing Amazon FSx for NetApp ONTAP, a new service that provides fully managed shared storage in the AWS Cloud with the data access and management capabilities of ONTAP.
Amazon Lex Model Building Service - 9 updated methods
Sep 2
Lex now supports Korean (ko-KR) locale.
How US federal agencies can authenticate to AWS with multi-factor authentication
Kyle Hart, Sep 2
This post is part of a series about how AWS can help your US federal agency meet the requirements of the President’s Executive Order on Improving the Nation’s Cybersecurity. We recognize that government agencies have varying degrees of identity management and cloud maturity and that the requirement to implement multi-factor, …
Top 10 security best practices for securing data in Amazon S3
Megan O'Neil, Sep 2
With more than 100 trillion objects in Amazon Simple Storage Service (Amazon S3) and an almost unimaginably broad set of use cases, securing data stored in Amazon S3 is important for every organization. So, we’ve curated the top 10 controls for securing your data in S3. By default, all S3 …
How to improve visibility into AWS WAF with anomaly detection
Cyril Soler, Sep 1
When your APIs are exposed on the internet, they naturally face unpredictable traffic. AWS WAF helps protect your application’s API against common web exploits, such as SQL injection and cross-site scripting. In this blog post, you’ll learn how to automatically detect anomalies in the AWS WAF metrics to improve your …
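The post works from the AWS WAF metrics, which live in CloudWatch. As an added illustration of what "detecting an anomaly" in such a metric means in practice, the following is a local stand-in written for this issue, not the post's own mechanism: a rolling z-score over a constructed one-minute BlockedRequests series. The series, the ten-minute window, the factor of 3 and the floor on the standard deviation are all assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the post): a rolling z-score anomaly check over a
# one-minute BlockedRequests series. The series, window and threshold are
# constructed assumptions.
set -eu

# Constructed sample: "minute count". Minutes 1-20 are a steady baseline,
# minute 21 is a burst such as a scanner tripping a rule, then it settles.
sample_blocked_requests() {
  cat <<'EOF'
1 48
2 52
3 50
4 47
5 53
6 51
7 49
8 50
9 52
10 48
11 51
12 49
13 50
14 53
15 47
16 50
17 52
18 48
19 51
20 49
21 410
22 51
23 49
24 50
EOF
}

# Reads "minute count" lines on stdin and prints the minutes whose count
# exceeds mean + K * stddev of the previous WINDOW minutes.
#   $1 = WINDOW (default 10), $2 = K (default 3)
flag_anomalies() {
  awk -v window="${1:-10}" -v k="${2:-3}" '
  {
    n = NR; t[n] = $1; v[n] = $2
    if (n <= window) next           # not enough history for a baseline yet
    s = 0; ss = 0
    for (i = n - window; i < n; i++) { s += v[i]; ss += v[i] * v[i] }
    mean = s / window
    var = ss / window - mean * mean
    if (var < 0) var = 0            # guard against floating-point noise
    sd = sqrt(var)
    if (sd < 1) sd = 1              # floor: a flat baseline must not flag a +1 blip
    if (v[n] > mean + k * sd)
      printf "%s %s baseline=%.1f threshold=%.1f\n", t[n], v[n], mean, mean + k * sd
  }'
}
```

Piping sample_blocked_requests into flag_anomalies flags minute 21 only. Note what happens at minute 22: the burst is now inside the window, which inflates both mean and standard deviation, so the return to normal is not flagged and a second burst shortly after the first would also be masked. That is the reason to alert on the first crossing and to keep a separate, slower baseline rather than rely on one short window.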
Ransomware mitigation: Top 5 protections and recovery preparation actions
Brad Dispensa, Sep 1
In this post, I’ll cover the top five things that Amazon Web Services (AWS) customers can do to help protect and recover their resources from ransomware. This blog post focuses specifically on preemptive actions that you can take. #1 – Set up the ability to recover your apps and data …
route53resolver: 3 updated actions
Sep 4
3 updated actions: PutFirewallRuleGroupPolicy (access), PutResolverQueryLogConfigPolicy (access), PutResolverRulePolicy (access)
cloud9: 14 new actions | 3 updated actions
Sep 4
14 new actions: ActivateEC2Remote (start the amazon ec2 instance that your aws cloud9 ide connects to), CreateEnvironmentSSH (create an aws cloud9 ssh development environment), CreateEnvironmentToken (create an authentication token that allows a connection between the aws cloud9 ide and the user's environment), DescribeEC2Remote (get details about the connection to the …
ssm: 1 updated resource | 1 removed condition
Sep 4
1 updated resource: task (conditions)
sagemaker: 1 new action
Sep 4
1 new action: InvokeEndpointAsync (get inferences from the hosted model at the specified endpoint in an asynchronous manner)
Ian Mckay @iann0036

The #AWS SDKs have just surpassed 10,000 API methods, as measured by the JS SDK data source. 2,175 of these were added in the past 12 months, which is pretty decent growth. Note the "re:Invent bump" as a major contributor.

Scott Piper @0xdabbad00

#awswishlist Provide a public identifier for internal issues to customers, so I can say I want to +1 that issue as opposed to describing it to an AWS rep to search for and track down in their internal systems.

Clint Gibler @clintgibler

📈 Top Open Source #Kubernetes Security Tools of 2021

Survey by @RedHat

cloud.redhat.com/blog/top-open-…

Aidan W Steele @__steele

I haven't had a chance to check yet: is this just a typo in the documentation, or are we going to have to type it like this in our code too?

Hopefully it's not like "Referer" all over again 😅

Clint Gibler @clintgibler

🍎 Summer of Fuzz: Targeting macOS

Deep dive @hackinthebox talk by Jeremy Brown

#Fuzzing:
* CLI/GUI Applications
* Network Clients and Servers

Tips:
* Debugging Tools
* SIP and App Sandbox
* Monitoring Process Execution
* Enumerating Handlers

conference.hitb.org/hitbsecconf202…

Aidan W Steele @__steele

On one hand, this is very cool.

On the other hand, I feel bad for the devs who will now have additional places to investigate when debugging connectivity issues between internal apps.

aws.amazon.com/blogs/aws/insp…

Michael Chan @mchancloud

1/📣📣📣 Spread the word! Over the coming months, you'll start to see more informative access denied error messages when using AWS. @AWSSecurityInfo

AWS Identity @AWSIdentity

Coming soon: Easily troubleshoot your permissions in AWS with additional context about the policy type responsible for denied access 👉 go.aws/3DuYZIf

Scott Piper @0xdabbad00

Attack research gets clicks. Defense gets contracts.
Unless your business is focused on offense (and even then possibly), you should include defense guidance, otherwise someone else will get the attention of the potential customers that see your attack research.

Brigid Johnson @bjohnso5y

Happy this dude started eating. His tummy wasn't feeling too great this morning.

Victor Grenu @zoph

This is the first time I see AWS warn customers about wrongly using attribute-based condition keys. Pretty nice to put emphasis on this mistake 👀.

Open Source CSPMs?

Has anyone used an open-source CSPM? I've found a few: Cloud Custodian, CloudSploit, OpenCSPM, and MagPie. Wondering if any of these are viable options. What were the pros and cons of going with open source instead of a vendor product?
