Issue #49
Monday · December 13, 2021
🥗 AWS security blogs
- How to customize behavior of AWS Managed Rules for AWS WAF — AWS Managed Rules for AWS WAF provides a group of rules created by AWS that can be used to help protect you against common application vulnerabilities and other unwanted access to your systems without having to write your own rules. AWS Threat Research Team updates AWS Managed Rules to respond to an …
- Privacy video: Innovating securely — I’m pleased to share a video of a conversation about privacy I had with my colleague Laura Dawson, the North American Lead at the AWS Institute. Privacy is becoming more of a strategic issue for our customers, similar to how security is today. We discussed how, while the two topics …
- Hardening the security of your AWS Elastic Beanstalk Application the Well-Architected way — Launching an application in AWS Elastic Beanstalk is straightforward. You define a name for your application, select the platform you want to run it on (for example, Ruby), and upload the source code. The default Elastic Beanstalk configuration is intended to be a starting point which prioritizes simplicity and ease of setup. …
- Using CloudTrail to identify unexpected behaviors in individual workloads — In this post, we describe a practical approach that you can use to detect anomalous behaviors within Amazon Web Services (AWS) cloud workloads by using behavioral analysis techniques that can be used to augment existing threat detection solutions. Anomaly detection is an advanced threat detection technique that should be considered …
🍛 Reddit threads on r/aws
- 500/502 Errors on AWS Console — As always their Service Health Dashboard says nothing is wrong. I'm getting 500/502 errors from two different computers (in different geographical locations), completely different AWS accounts. Anyone else experiencing issues? ETA 11:37 AM ET: SHD has been updated: 8:22 AM PST We are investigating increased error rates for the AWS …
- A software engineer at Amazon had their total comp increased to $180,000 after earning a promotion to SDE-II. But instead of celebrating, the coder was dismayed to find someone hired in the same role, which might require as few as 2 or 3 YOE, can earn as much as $300,000.
- AWS us-east-1 outage brings down services around the world
- Anyone Else Lowkey Think the AWS Console Login Captchas Are Hard AF Sometimes..? — I swear sometimes I sit there and have to do it like 10 times until I'm able to get it right. (┛◉Д◉)┛彡┻━┻
- Post AWS outage, what changes do you plan to make? — I’ll start: Our company has pilot light regional failover, which is effective when aws is working but our app is not. Our application processes are stateless, but we store data in an aurora multi az cluster and use elasticache redis for queuing and pubsub, and single region s3 for audio …
📌 r/cloudsecurity
- SOC 2 Compliance questions — Hey, I know that there's a big focus on SaaS companies vulnerability regarding data security. If you have any questions regarding SOC 2 compliance. I would love to answer any questions below. I've been speaking to quite a few people within this domain and there seems to be a lot …
🧁 IAM permission changes
- kafka: 3 new resources — 3 new resources: topic, group, transactional-id
- rekognition: 5 updated actions, 1 updated resource — 5 updated actions: TagResource (resources), UntagResource (resources), CreateCollection (resources), CreateProjectVersion (resources), CreateStreamProcessor (resources); 1 updated resource: dataset (arn)
- textract: 1 new action — 1 new action: AnalyzeID (detect relevant information from identity documents provided as input)
🍪 API changes
- Amazon Lex Model Building V2 - 6 updated methods — Added support for grammar slot type in Amazon Lex. You can author your own grammar in the XML format per the SRGS specification to collect information in a conversation.
- AWS Network Firewall - 1 new 4 updated methods — This release adds support for managed rule groups.
- AWS Route53 Recovery Control Config - 3 new 3 updated methods — This release adds tagging support to Route53 Recovery Control Configuration. New APIs: TagResource, UntagResource and ListTagsForResource. Updates: add optional field `tags` to support tagging while calling CreateCluster, CreateControlPanel and CreateSafetyRule.
- Amazon Route 53 Domains - 2 new 5 updated methods — Amazon Route 53 domain registration APIs now support filtering and sorting in the ListDomains API, deleting a domain by using the DeleteDomain API and getting domain pricing information by using the ListPrices API.
📺 AWS security bulletins
- Update for Apache Log4j2 Issue (CVE-2021-44228) — Last Updated Date: 2021/12/12 9:40 PM PDT. AWS is aware of the recently disclosed security issue relating to the open-source Apache “Log4j2” utility (CVE-2021-44228). We are actively monitoring this issue, and are working on addressing it for any AWS services which either use Log4j2 or provide it to customers as …
- Apache Log4j2 Issue (CVE-2021-44228) — Initial Publication Date: 2021/12/10 7:20 PM PDT. AWS is aware of the recently disclosed security issue relating to the open-source Apache “Log4j2” utility (CVE-2021-44228). We are actively monitoring this issue, and are working on addressing it for any AWS services which either use Log4j2 or provide it to customers as …