Issue #43
Monday · November 01, 2021
π₯ AWS security blogs
- Forensic investigation environment strategies in the AWS Cloud β When a deviation from your secure baseline occurs, itβs crucial to respond and resolve the issue quickly and follow up with a forensic investigation and root cause analysis. Having a preconfigured infrastructure and a practiced plan for using it when thereβs a deviation from your baseline will help you to β¦
- Migrate and secure your Windows PKI to AWS with AWS CloudHSM β AWS CloudHSM provides a cloud-based hardware security module (HSM) that enables you to easily generate and use your own encryption keys in AWS. Using CloudHSM as part of a Microsoft Active Directory Certificate Services (AD CS) public key infrastructure (PKI) fortifies the security of your certificate authority (CA) private key β¦
- Three ways to improve your cybersecurity awareness program β Raising the bar on cybersecurity starts with education. Thatβs why we announced in August that Amazon is making its internal Cybersecurity Awareness Training Program available to businesses and individuals for free starting this month. This is the same annual training we provide our employees to help them better understand and β¦
- Correlate security findings with AWS Security Hub and Amazon EventBridge β In this blog post, weβll walk you through deploying a solution to correlate specific AWS Security Hub findings from multiple AWS services that are related to a single AWS resource, which indicates an increased possibility that a security incident has happened. AWS Security Hub ingests findings from multiple AWS services, β¦
π Reddit threads on r/aws
- Amazon EC2 now supports sharing Amazon Machine Images across AWS Organizations and Organizational Units
- Was billed 60k with a free tier? β I was billed 60k having only signed up for the free tier, what is this? Contacted aws support and they told me this was correct and that all usage above the free tier was billed like normal. My site has not seen activity that indicates that this is correct? What β¦
- AWS Toolbox π§° - A Collection of Awesome Tools and Scripts for Cloud Engineers
- An improved Python AWS Lambda logging setup
- Using Github Actions Open ID Connector to push to AWS ECR without Credentials - tedious ramblings
π Newsletters
π AWS Security by CloudNews
- AWS Security Hub adds support for cross-Region aggregation of findings to simplify how you evaluate and improve your AWS security posture β AWS Security Huband, nbsp;now allows you to designate an aggregation Region and link some or all Regions to that aggregation Region. This gives you a centralized view of all your findings across all of your accounts and all of your linked Regions. After you link a Region to the aggregation β¦
π Top Links from Security Folks
- GitHub - rung/threat-matrix-cicd: Threat matrix for CI/CD Pipeline β Threat matrix for CI/CD Pipeline. Contribute to rung/threat-matrix-cicd development by creating an account on GitHub.
- Introducing Quiet Riot - Wes Ladd - Medium β A Scalable AWS Enumeration and Footprinting Tool
π r/netsec
π "AWS Security" on Google News
π§ IAM permission changes
- textract: 2 new actions β 2 new actions: GetExpenseAnalysis (return information about an expense analysis job), StartExpenseAnalysis (start an asynchronous job to detect instances of invoices or receipts within an image or pdf provided as input)
- logs: 1 updated action β 1 updated action: PutSubscriptionFilter (resources)
- cloudwatch: 1 new condition | 1 updated condition, 1 updated action β 1 new condition: cloudwatch:requestInsightRuleLogGroups (filters actions based on the log groups specified in an insight rule.); 1 updated condition: cloudwatch:AlarmActions (type); 1 updated action: PutInsightRule (conditions)
πͺ API changes
- Amazon CloudWatch Application Insights - 11 updated methods β Added Monitoring support for SQL Server Failover Cluster Instance. Additionally, added a new API to allow one-click monitoring of containers resources.
- Amazon Connect Service - 2 new 3 updated methods β Amazon Connect Chat now supports real-time message streaming.
- Amazon Elastic Compute Cloud - 2 updated methods β Support added for AMI sharing with organizations and organizational units in ModifyImageAttribute API
- Amazon Rekognition - 1 updated methods β This release added new attributes to Rekognition Video GetCelebrityRecognition API operations.
