• SRE Weekly Issue #310
• 📖 [The CloudSecList] Issue 125
• [tl;dr sec] #120 - Supply Chain & Hardening CI, Automate Yourself out of Oncall Burnout
• AWS Notification Message
• AWS Budgets - 1 new method
• AWS Transfer Family - 3 updated methods
• AWS Backup - 2 updated methods
• Amazon CloudWatch Evidently - 2 updated methods
• Introducing s2n-quic, a new open-source QUIC protocol implementation in Rust
• Control access to Amazon Elastic Container Service resources by using ABAC policies
• AWS User Guide to Financial Services Regulations and Guidelines in Switzerland and FINMA workbooks publications
• Top 2021 AWS Security service launches security professionals should review – Part 1
• proton: 1 new action
• redshift: 11 new actions | 3 updated actions
• honeycode: 4 new actions
• I am at war with IMDSv1. Comrades, please help by pointing your AWS account team at my list of requests, contacting your vendors if they are on the list, and letting me know about any vendors to add. github.com/SummitRoute/im…
• 🔥 Ghostbuster: new tool to eliminate subdomain takeovers. Enumerates all elastic/public IPs for AWS accounts you own, & checks if there are DNS records pointing to elastic IPs you don’t own. Code: github.com/assetnote/ghos… By @infosec_au & @assetnote blog.assetnote.io/2022/02/13/dan…
• It’s been a month in the making but today is my last with AWS security. It’s been great working with all the folks there and all those in the community. New adventure starts on Tuesday
• 📚 tl;dr sec 120 * @MercariDev Hardening CI * @secnerdette Automation > oncall burnout * @infosec_au Eliminate subdomain takeovers * @MayaKaczorowski BeyondCorp * @hashishrajan @0xdabbad00 Cloud Security RoadMap * @DanielMiessler TikTok behavior shaping tldrsec.com/blog/tldr-sec-…
• This is really nice from AWS. They’ve open-sourced their Rust implementation of QUIC (basis of HTTP/3) and announced that CloudFront will be supporting it later this year. aws.amazon.com/blogs/security…
• We're hiring a manager for a team dedicated entirely to GCP security! To my AWS account team, maybe if you'd be more receptive to my IMDSv2 related requests, we'd be able to dedicate more spend to AWS...
• Well this should make life a lot easier!
• AWS IMDSv1 Wall of Shame 🔥🔥 If your vendor is using IMDSv1 which can give IAM credentials to applications vulnerable to SSRF, then add them to this list
• Annual trip to the office so I can wave at Canada. Hi, Canada!
• What I would really like is for the awslogs log driver to automatically include the `x-amzn-logs-format: json/emf` header so I get the same pleasant CloudWatch EMF experience in ECS as I do on Lambda.
• Announcing the general availability of AWS Backup for Amazon S3
• Announcing sub-millisecond read latencies for Amazon Elastic File System
• I created a very simple Python CLI tool to find unused IPv4 CIDR blocks in AWS VPCs. There's probably already something in the wild that fills this need but it was fun to create nonetheless.
• AWS S3: Why sometimes you should press the $100k button
• Amazon VPC now supports an AWS-managed prefix list for Amazon CloudFront
• Learning secrets management in the modern world using OWASP WrongSecrets Project: Hands-on Labs, CTF style challenges
• Certipy 2.0: BloodHound, New Domain Privilege Escalation Techniques, Shadow Credentials, Golden Certificates, and more!
• Tips for learning cloud security posture management?
• Introducing Ghostbuster – AWS security tool protects against dangling elastic IP takeovers - The Daily Swig
• Fugue Achieves AWS Security Competency Status - Business Wire
Monday, 21 February 2022
AWS Budgets - 1 new method
Feb 18
This change introduces the DescribeBudgetNotificationsForAccount API, which returns the budget notifications for the specified account.
AWS Transfer Family - 3 updated methods
Feb 18
Adds display banner properties for Transfer Family servers that use the SFTP, FTP, and FTPS protocols. Display banners are bodies of text shown before and/or after a user authenticates to a server over one of those protocols.
AWS Backup - 2 updated methods
Feb 17
AWS Backup adds the new S3_BACKUP_OBJECT_FAILED and S3_RESTORE_OBJECT_FAILED event types to the BackupVaultNotifications events list.
Amazon CloudWatch Evidently - 2 updated methods
Feb 17
Adds support for filtering the list of experiments and launches by status.
Introducing s2n-quic, a new open-source QUIC protocol implementation in Rust
Panos Kampanakis, Feb 17
At Amazon Web Services (AWS), security, high performance, and strong encryption for everyone are top priorities for all our services. With these priorities in mind, less than a year after QUIC ratification in the Internet Engineering Task Force (IETF), we are introducing support for the QUIC protocol which can boost …
Control access to Amazon Elastic Container Service resources by using ABAC policies
Kriti Heda, Feb 17
As an AWS customer, if you use multiple Amazon Elastic Container Service (Amazon ECS) services/tasks to achieve better isolation, you often have the challenge of how to manage access to these containers. In such cases, using tags can enable you to categorize these services in different ways, such as by …
AWS User Guide to Financial Services Regulations and Guidelines in Switzerland and FINMA workbooks publications
Margo Cronin, Feb 16
AWS is pleased to announce the publication of the AWS User Guide to Financial Services Regulations and Guidelines in Switzerland whitepaper and workbooks. This guide refers to certain rules applicable to financial institutions in Switzerland, including banks, insurance companies, stock exchanges, securities dealers, portfolio managers, trustees and other financial entities …
Top 2021 AWS Security service launches security professionals should review – Part 1
Ryan Holland, Feb 16
Given the speed of Amazon Web Services (AWS) innovation, it can sometimes be challenging to keep up with AWS Security service and feature launches. To help you stay current, here’s an overview of some of the most important 2021 AWS Security launches that security professionals should be aware of. This …

Scale AWS IAM security (Sponsor)

Securing AWS IAM shouldn’t overload experts.

You can scale AWS security out to delivery teams with k9 Security’s simple access analysis and Terraform/CDK policy automation that enables teams to right-size IAM easily.

Security built for continuous delivery, so you can scale.


proton: 1 new action
Feb 19
1 new action: NotifyResourceDeploymentStatusChange (notify proton of resource deployment status changes)
redshift: 11 new actions | 3 updated actions
Feb 18
11 new actions: AddPartner (add a partner integration to a cluster), AuthorizeEndpointAccess (authorize endpoint related activities for redshift-managed vpc endpoint), CreateEndpointAccess (create a redshift-managed vpc endpoint), DeleteEndpointAccess (delete a redshift-managed vpc endpoint), DeletePartner (delete a partner integration from a cluster), DescribeEndpointAccess (describe redshift-managed vpc endpoints), DescribeEndpointAuthorization (authorize describe activity for …
honeycode: 4 new actions
Feb 18
4 new actions: DeleteDomains (delete amazon honeycode domains for your aws account), ListTagsForResource (list all tags for a resource), TagResource (tag a resource), UntagResource (untag a resource)
Scott Piper @0xdabbad00

I am at war with IMDSv1. Comrades, please help by pointing your AWS account team at my list of requests, contacting your vendors if they are on the list, and letting me know about any vendors to add.
github.com/SummitRoute/im…

Clint Gibler @clintgibler

🔥 Ghostbuster: new tool to eliminate subdomain takeovers

Enumerates all elastic/public IPs for AWS accounts you own, & checks if there are DNS records pointing to elastic IPs you don’t own.

Code: github.com/assetnote/ghos…

By @infosec_au & @assetnote

blog.assetnote.io/2022/02/13/dan…
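The check Ghostbuster performs, reimplemented here as an added example (this is not Ghostbuster's own code). It assumes three constructed inputs shaped like the real data: an ip-ranges.json-style prefix list (only the EC2 prefixes matter, since that is where elastic IPs are allocated), the elastic/public IPs enumerated from every account you own, and your Route 53 A records. A record pointing into EC2 space at an address you no longer hold is the takeover candidate: whoever allocates elastic IPs until they land on that address receives your traffic.

```python
"""Flag DNS records that point at AWS EC2 address space you no longer own."""
import ipaddress
from typing import Iterable

# Constructed stand-in for the prefixes in https://ip-ranges.amazonaws.com/ip-ranges.json
IP_RANGES = {
    "prefixes": [
        {"ip_prefix": "3.0.0.0/15", "region": "ap-southeast-1", "service": "EC2"},
        {"ip_prefix": "52.0.0.0/15", "region": "us-east-1", "service": "EC2"},
        {"ip_prefix": "99.77.128.0/18", "region": "us-east-1", "service": "AMAZON"},  # not EC2
    ]
}

# Constructed: public and elastic IPs enumerated from every account we control
OWNED_IPS = {"52.1.2.3", "3.0.44.10"}

# Constructed: Route 53 records, one entry per target value
DNS_RECORDS = [
    {"name": "app.example.com.", "type": "A", "value": "52.1.2.3"},        # ours, healthy
    {"name": "old-demo.example.com.", "type": "A", "value": "52.1.9.9"},   # EC2 space, not ours
    {"name": "www.example.com.", "type": "A", "value": "198.51.100.7"},    # outside AWS, out of scope
    {"name": "legacy.example.com.", "type": "A", "value": "3.0.200.1"},    # EC2 space, not ours
    {"name": "txt.example.com.", "type": "TXT", "value": "v=spf1 -all"},   # not an address record
]


def ec2_networks(ip_ranges: dict) -> list[ipaddress.IPv4Network]:
    """The IPv4 prefixes AWS publishes for EC2, i.e. where elastic IPs are handed out."""
    return [ipaddress.ip_network(p["ip_prefix"])
            for p in ip_ranges["prefixes"] if p["service"] == "EC2"]


def in_ec2_space(ip: str, nets: Iterable[ipaddress.IPv4Network]) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in n for n in nets)


def find_dangling(records: list[dict], owned_ips: set[str], ip_ranges: dict) -> list[dict]:
    """Return A records whose target is an EC2 address that none of our accounts holds.

    Targets outside AWS are skipped (we cannot tell who owns them from here) and
    targets we still own are healthy; everything else is a dangling-EIP candidate.
    """
    nets = ec2_networks(ip_ranges)
    dangling = []
    for rec in records:
        if rec["type"] != "A":
            continue
        if rec["value"] in owned_ips:
            continue
        if in_ec2_space(rec["value"], nets):
            dangling.append(rec)
    return dangling


if __name__ == "__main__":
    for rec in find_dangling(DNS_RECORDS, OWNED_IPS, IP_RANGES):
        print(f"DANGLING {rec['name']} -> {rec['value']}")
```

To run this against real data, replace the constructed inputs with the downloaded ip-ranges.json, the union of `describe-addresses` and `describe-instances` public IPs across all accounts, and `list-resource-record-sets` output for each hosted zone; the logic is unchanged. Records you cannot classify (CNAMEs to third-party hosts, targets outside AWS) need a different check and are deliberately not reported here.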

Zack Glick @z1g1

It’s been a month in the making but today is my last with AWS security. It’s been great working with all the folks there and all those in the community. New adventure starts on Tuesday

Clint Gibler @clintgibler

📚 tl;dr sec 120
* @MercariDev Hardening CI
* @secnerdette Automation > oncall burnout
* @infosec_au Eliminate subdomain takeovers
* @MayaKaczorowski BeyondCorp
* @hashishrajan @0xdabbad00 Cloud Security RoadMap
* @DanielMiessler TikTok behavior shaping

tldrsec.com/blog/tldr-sec-…

Aidan W Steele @__steele

This is really nice from AWS. They’ve open-sourced their Rust implementation of QUIC (basis of HTTP/3) and announced that CloudFront will be supporting it later this year.

aws.amazon.com/blogs/security…

Scott Piper @0xdabbad00

We're hiring a manager for a team dedicated entirely to GCP security!

To my AWS account team, maybe if you'd be more receptive to my IMDSv2 related requests, we'd be able to dedicate more spend to AWS...

Jason Dyke @jasonadyke

We are looking for an engineering manager for our GCP security team. Please reach out with questions!! @Square @blocks

jobs.smartrecruiters.com/Square/7439998…

Brigid Johnson @bjohnso5y

Well this should make life a lot easier!

AWS Identity @AWSIdentity

The #AWSOrganizations console just got more powerful 💪: You can now update your billing, operations & security contacts for member accounts from the console, meaning you don't need to log into each account individually. go.aws/3GZO4Xn

Kinnaird McQuade💥🌩 @kmcquade3

AWS IMDSv1 Wall of Shame 🔥🔥

If your vendor is using IMDSv1 which can give IAM credentials to applications vulnerable to SSRF, then add them to this list

Scott Piper @0xdabbad00

I am at war with IMDSv1. Comrades, please help by pointing your AWS account team at my list of requests, contacting your vendors if they are on the list, and letting me know about any vendors to add.
github.com/SummitRoute/im…
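Before pointing at vendors, audit your own fleet. The following is an added example (not code from the linked repository) that parses a constructed response in the shape `aws ec2 describe-instances --output json` returns and reports every instance whose metadata endpoint still answers unauthenticated IMDSv1 GETs. The threat is the one the tweet names: with HttpTokens left at "optional", an SSRF that can issue a plain GET to 169.254.169.254/latest/meta-data/iam/security-credentials/<role> receives the role's keys. IMDSv2 requires a PUT with a token-TTL header first, which typical SSRF primitives cannot issue.

```python
"""Report EC2 instances that still permit IMDSv1, from describe-instances JSON."""
import json

# Constructed sample of `aws ec2 describe-instances --output json`; only the fields
# this check reads are included.
DESCRIBE_INSTANCES = json.dumps({
    "Reservations": [{
        "Instances": [
            {"InstanceId": "i-0aaa000000000001",
             "MetadataOptions": {"State": "applied", "HttpTokens": "optional",
                                 "HttpPutResponseHopLimit": 1, "HttpEndpoint": "enabled"}},
            {"InstanceId": "i-0aaa000000000002",
             "MetadataOptions": {"State": "applied", "HttpTokens": "required",
                                 "HttpPutResponseHopLimit": 1, "HttpEndpoint": "enabled"}},
            {"InstanceId": "i-0aaa000000000003",
             "MetadataOptions": {"State": "applied", "HttpTokens": "optional",
                                 "HttpPutResponseHopLimit": 2, "HttpEndpoint": "enabled"}},
            {"InstanceId": "i-0aaa000000000004",
             "MetadataOptions": {"State": "applied", "HttpTokens": "optional",
                                 "HttpPutResponseHopLimit": 1, "HttpEndpoint": "disabled"}},
        ]
    }]
})


def imdsv1_exposed(describe_output: str) -> list[dict]:
    """Instances whose metadata endpoint is enabled and does not require a session token.

    HttpTokens "required" means IMDSv2 only. An instance with HttpEndpoint "disabled"
    cannot hand out credentials at all, so it is not reported even if tokens are
    optional. The hop limit is carried along because a value above 1 lets the IMDSv2
    PUT response reach containers on the host (needed for ECS/Kubernetes pods), which
    also widens who on that host can reach the endpoint.
    """
    data = json.loads(describe_output)
    findings = []
    for reservation in data["Reservations"]:
        for inst in reservation["Instances"]:
            opts = inst.get("MetadataOptions", {})
            if opts.get("HttpEndpoint") != "enabled":
                continue
            if opts.get("HttpTokens") != "required":
                findings.append({
                    "instance_id": inst["InstanceId"],
                    "hop_limit": opts.get("HttpPutResponseHopLimit"),
                })
    return findings


def remediation(instance_id: str) -> str:
    """The AWS CLI call that switches one instance to IMDSv2 only."""
    return (f"aws ec2 modify-instance-metadata-options --instance-id {instance_id} "
            "--http-tokens required --http-endpoint enabled")


if __name__ == "__main__":
    for finding in imdsv1_exposed(DESCRIBE_INSTANCES):
        print(f"{finding['instance_id']} allows IMDSv1 (hop limit {finding['hop_limit']})")
        print("  fix:", remediation(finding["instance_id"]))
```

Run it on real output by piping `aws ec2 describe-instances --output json` into `imdsv1_exposed`, once per region. Enforcing "required" breaks any agent or vendor software on the box that still speaks only IMDSv1, which is exactly why the list above exists: find those vendors before flipping the switch, and bake the setting into launch templates so new instances never start exposed.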

Dan Urson @notdurson

Annual trip to the office so I can wave at Canada. Hi, Canada!

Aidan W Steele @__steele

What I would really like is for the awslogs log driver to automatically include the `x-amzn-logs-format: json/emf` header so I get the same pleasant CloudWatch EMF experience in ECS as I do on Lambda.

Jaana Dogan ヤナ ドガン @rakyll

If you are using ECS and want some automagic way of your Prometheus metrics to be collected, would you be interested if they were pushed to you in a format like the Prometheus remote write? 👇

Tips for learning cloud security posture management?

Not sure if proper place to post so feel free to point me in the right direction. I work in risk management but managed to land a contract gig in cyber and cloud security. Any recommendations/tips/resources for learning CSPM tools like Sonrai (or similar ones)? Or suggestions on learning more …
