CloudSec Wine
前往频道在 Telegram
All about cloud security Contacts: @AMark0f @dvyakimov About DevSecOps: @sec_devops
显示更多2 239
订阅者
无数据24 小时
+117 天
+1430 天
帖子存档
2 239
🔶 Amazon CloudWatch Logs announces Live Tail streaming CLI support
You can now view your logs interactively in real-time as they're ingested via AWS CLI or programmatically within your own custom dashboards inside or outside of AWS.
https://aws.amazon.com/ru/about-aws/whats-new/2024/06/amazon-cloudwatch-logs-announces-live-tail-streaming-cli-support/
#aws
2 239
🔶 Things you wish you didn't need to know about S3
S3 is weirder than you think. Make sure you know all the quirks before they turn into vulnerabilities in your AWS infrastructure.
https://blog.plerion.com/things-you-wish-you-didnt-need-to-know-about-s3/
#aws
2 239
🔶 Accelerate incident response with Amazon Security Lake
The first of a two-part series that will demonstrate the value of Amazon Security Lake and how you can use it and other resources to accelerate your incident response (IR) capabilities.
https://aws.amazon.com/ru/blogs/security/accelerate-incident-response-with-amazon-security-lake/
#aws
2 239
🔶 How Parametric Built Audit Surveillance using AWS Data Lake Architecture
How Parametric implemented their Audit Surveillance Data Lake on AWS with purpose-built fully managed analytics services. With this solution, Parametric was able to respond to various audit requests within hours rather than days or weeks.
https://aws.amazon.com/ru/blogs/architecture/how-parametric-built-audit-surveillance-using-aws-data-lake-architecture/
#aws
2 239
🔴 What's new for the Google Cloud global front end for web delivery and protection
A deeper look at how the global front end solution improves the performance, protection, and scalability of their internet-facing web services.
https://cloud.google.com/blog/products/networking/recent-enhancements-to-the-global-front-end-solution/
#gcp
2 239
🔶 Publicly Exposed AWS Document DB Snapshots
Post detailing the research around DocumentDB, and a deep dive on a public exposure impacting millions of customers of a publicly traded company.
https://ramimac.me/exposed-docdb
#aws
2 239
🔶 Non-Production Endpoints as an Attack Surface in AWS
Two new archetypes for bypassing AWS CloudTrail through certain non-production endpoints with API actions that access account-level information and through API calls which generate multiple events in CloudTrail.
https://securitylabs.datadoghq.com/articles/non-production-endpoints-as-an-attack-surface-in-aws/
#aws
2 239
🔴 Holes in Your Bitbucket: Why Your CI/CD Pipeline Is Leaking Secrets
Bitbucket Secured Variables can be leaked in your pipeline and expose you to security breaches.
https://cloud.google.com/blog/topics/threat-intelligence/bitbucket-pipeline-leaking-secrets
#gcp
2 239
🔶 AWS Cloud Incident Analysis Query Cheatsheet
A cheatsheet for analyzing AWS cloud incidents using CloudTrail with AWS Athena.
https://securosis.com/blog/aws-cloud-incident-analysis-query-cheatsheet/
#aws
2 239
🔶 The Best Way to Start with AWS Security Hub
AWS Security Hub is an awesome tool for creating a native, organization-wide security feed. Learn how to set it up right from the start, for the lowest cost.
https://slaw.securosis.com/p/best-way-start-aws-security-hub
#aws
2 239
🔶 Tactical Cloud Audit Log Analysis with DuckDB
Using DuckDB to query Cloud Provider audit logs when you don't have a SIEM available.
https://dev.to/aws-builders/tactical-cloud-audit-log-analysis-with-duckdb-aws-cloudtrail-2amk
#aws
2 239
🔶👩💻 Unmasking Adversary Cloud Defense Evasion Strategies: Modify Cloud Compute Infrastructure Part 2
To prevent abuse against the use of Snapshot Creation, Instance Creation and Instance Deletion features within cloud environments, security teams and cyber-defenders must ensure that proper monitoring and logging services are enabled across all cloud providers they utilize.
https://permiso.io/blog/unmasking-adversary-cloud-defense-evasion-strategies-modify-cloud-compute-infrastructure-part-2-detections-and-mitigations
#aws #azure
2 239
🔶 How to use AWS managed applications with IAM Identity Center: Enable Amazon Q without migrating existing IAM federation flows
How you can enable Identity Center and use AWS managed applications, such as Amazon Q, without migrating existing IAM federation flows to Identity Center.
https://aws.amazon.com/ru/blogs/security/how-to-use-aws-managed-applications-with-iam-identity-center/
#aws
2 239
🔴 Automatically disabling leaked service account keys: What you need to know
Starting June 16, exposed service account keys that have been detected in services including public repos will be automatically disabled by default for new and existing customers.
https://cloud.google.com/blog/products/identity-security/automatically-disabling-leaked-service-account-keys-what-you-need-to-know
#gcp
2 239
🔶 Investigating lateral movements with Amazon Detective investigation and Security Lake integration
How you can use the Amazon Detective Investigation feature to investigate IAM user and role activity and use the Security Lake integration to determine the specific EC2 instances a threat actor appeared to be targeting.
https://aws.amazon.com/ru/blogs/security/investigating-lateral-movements-with-amazon-detective-investigation-and-security-lake-integration/
#aws
2 239
🔶 Governing and securing AWS PrivateLink service access at scale in multi-account environments
A way to create preventative controls through the use of service control policies (SCPs) and detective controls through event-driven automation.
https://aws.amazon.com/ru/blogs/security/governing-and-securing-aws-privatelink-service-access-at-scale-in-multi-account-environments/
#aws
2 239
🔶 Monitoring your EKS clusters audit logs
A plugin has replaced the way Falco consumes the Audit Logs generated by a K8s API server. With these plugins, Falco covers more in depth the aspects of your infrastructure and allows you to use a single syntax for rules.
https://falco.org/blog/k8saudit-eks-plugin/
#aws
2 239
👩💻 Hunting in Azure subscriptions
This blog post covers various strategies and methodologies to help understand the scope and complexity of how threat actors' manoeuvre within Azure subscriptions.
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/hunting-in-azure-subscriptions/ba-p/4125875
#azure
2 239
🔴 Introducing Google Security Operations: Intel-driven, AI-powered SecOps
At RSA, Google announced AI innovations across the Google Cloud Security portfolio, including Google Threat Intelligence, and the latest release of Google Security Operations
https://cloud.google.com/blog/products/identity-security/introducing-google-security-operations-intel-driven-ai-powered-secops-at-rsa/
#gcp
2 239
🔶 AWS Application Load Balancer mTLS with open-source cloud CA
A step-by-step guide on implementing mTLS for AWS Application Load Balancer using an open-source cloud CA.
https://medium.com/@paulschwarzenberger/aws-application-load-balancer-mtls-with-open-source-cloud-ca-277cb40d60c7
(Use VPN to open from Russia)
#aws
