ch
Feedback
CloudSec Wine

CloudSec Wine

前往频道在 Telegram

All about cloud security Contacts: @AMark0f @dvyakimov About DevSecOps: @sec_devops

显示更多
2 228
订阅者
无数据24 小时
+17
+330
帖子存档
🔹Azure Security Basics: Log Analytics, Security Center, and Sentinel Log Analytics, Sentinel, and ATP can produce a complete picture of your Azure authentication border defenses, virtual server happenings, and everything in between them. https://www.blackhillsinfosec.com/azure-security-basics-log-analytics-security-center-and-sentinel/ #azure

🔸Lesser Known Techniques for Attacking AWS Environments "This post will discuss lesser known attack techniques that I would
🔸Lesser Known Techniques for Attacking AWS Environments "This post will discuss lesser known attack techniques that I would use in attacking AWS accounts and conclude with a discussion of defenses. A common theme among many of these concepts is abusing trust, whether that is incorrectly trusting attacker controlled resources hosted on AWS, or the trust relationships between accounts or within an account. I’ll discuss a few techniques in gaining initial access, recon, lateral movement between accounts, and data exfiltration." https://tldrsec.com/blog/lesser-known-aws-attacks/ #aws

🔴Google Cloud Platform (GCP) Service Account-based Privilege Escalation paths The Praetorian team uncovered a GCP risk scenario in which privileges in a compromised service can be used to further escalate privileges. https://www.praetorian.com/blog/google-cloud-platform-gcp-service-account-based-privilege-escalation-paths #gcp

🔸Gaining Persistency on Vulnerable Lambdas What can an attacker do if they found a Remote Code Execution (RCE) vulnerability in a Lambda function? https://unit42.paloaltonetworks.com/gaining-persistency-vulnerable-lambdas/ #aws

🔸AWS Audit Manager Simplifies Audit Preparation Audit Manager is a new AWS service that “provides prebuilt frameworks for common industry standards and regulations, and automates the continual collection of evidence to help you in preparing for an audit.” https://aws.amazon.com/blogs/aws/aws-audit-manager-simplifies-audit-preparation/ #aws

🔸AWS Systems Manager Attack and defense strategies Post covering multiple aspects of Systems Manager, Documents and how to protect and detect techniques leveraging its "Run Command". https://blog.karims.cloud/2020/12/08/ssm-attack-and-defense-strategies.html #aws

🔸Netflix/consoleme New tool from the Netflix cloud security team that “strives to be a multi-account AWS swiss-army knife, making AWS easier for your end-users and cloud administrators.” - Consolidates the management of multiple accounts into a single web UI. - Allows your end-users and admins to get credentials / console access to your different AWS accounts, depending on their authorization level. - Provides mechanisms for end-users and admins to both request and manage permissions for IAM roles, S3 buckets, SQS queues, and SNS topics. - A self-service wizard is also provided to guide users into requesting the permissions they desire. https://github.com/Netflix/consoleme #aws

🔸"I took a first pass at mapping out how AWS security services all connect to one another and where to categorize them." htt
🔸"I took a first pass at mapping out how AWS security services all connect to one another and where to categorize them." https://twitter.com/0xdabbad00/status/1336494125617541120 #aws

🔹Privilege Escalation in AKS Clusters Read access to ConfigMaps by default allowed privilege escalation in Microsoft's Kubernetes AKS. https://medium.com/sse-blog/privilege-escalation-in-aks-clusters-18222ab53f28 #azure

🔸Evilginx-ing into the cloud: How we detected a red team attack in AWS Another interesting walk through from the Expel team on a red team exercise they recently spotted in a customer's AWS cloud environment. https://expel.io/blog/evilginx-into-cloud-detected-red-team-attack-in-aws/ #aws

🔷 awesome-azure-security A curated list of awesome Microsoft Azure Security tools, guides, blogs, and other resources. https
🔷 awesome-azure-security A curated list of awesome Microsoft Azure Security tools, guides, blogs, and other resources. https://github.com/kmcquade/awesome-azure-security #azure

🔸AWS Control Tower By Example A hands-on walk-through of the the easiest way to set up and govern a secure, compliant, multi
🔸AWS Control Tower By Example A hands-on walk-through of the the easiest way to set up and govern a secure, compliant, multi-account AWS environment based on best practices. #aws

🔸AWS access keys leak in GitHub repository and some improvements in Amazon reaction Post testing Amazon's reaction to a case of leaked access keys, with analysis of the recent "AWSCompromisedKeyQuarantine" policy used to contain them. https://rzepsky.medium.com/aws-access-keys-leak-in-github-repository-and-some-improvements-in-amazon-reaction-cc2e20e89003 🔸Learning from AWS (Customer) Security Incidents Really interesting run through of real life security breaches that have happened to the AWS environments of high profile companies. https://speakerdeck.com/ramimac/learning-from-aws-customer-security-incidents #aws

Take automated actions on your Security Command Center findings: - Automatically create disk snapshots to enable forensic inv
Take automated actions on your Security Command Center findings:
 - Automatically create disk snapshots to enable forensic investigations.
 - Revoke IAM grants that violate your desired policy.
 - Notify other systems such as PagerDuty, Slack or email.
 - See the full list of automations for more information.

You're in control:
 - Service account runs with lowest permission needed granted at granularity you specify.
 - You control which projects are enforced by each automation.
 - Every action is logged to StackDriver and is easily auditable.
 - Can be run in monitor mode where actions are logged only.
Security Response Automation https://github.com/GoogleCloudPlatform/security-response-automation

Public clouds most wanted: Azure skies or nasty dice? Webinar on November 25 at 16.00 At the webinar, experts will discuss th
Public clouds most wanted: Azure skies or nasty dice? Webinar on November 25 at 16.00 At the webinar, experts will discuss the main issues of information security in public clouds and key aspects in it's protection. We will show a live demo of Check Point's Dome9, a Cloud Security Posture Management (CSPM) solution that automates governance across multi-cloud assets and services including visualization and assessment of security posture, misconfiguration detection, and enforcement of security best practices and compliance frameworks. Issues for discussion: 📍 How not to lose control over resources settings in a public cloud 📍 How to protect against unauthorized changes and dangerous settings of public services and it's 📍 How to safely use microservices and kubernetes without creating additional risks for the company Registration: https://events.webinar.ru/jet/cloudsecurity2511

🔸AWS Network Firewall – New Managed Firewall Service in VPC AWS Network Firewall lets you protect your VPC with your choice
🔸AWS Network Firewall – New Managed Firewall Service in VPC AWS Network Firewall lets you protect your VPC with your choice of stateless and stateful firewall rules that can inspect packets bidirectionally and even perform outbound URL filtering: https://aws.amazon.com/ru/blogs/aws/aws-network-firewall-new-managed-firewall-service-in-vpc/ #aws

🔴🔸Announcing OpenCSPM - An Open-Source Cloud Security Posture Management and Workflow Platform OpenCSPM is an open-source platform developed by Darkbit that aims to make continuous cloud security posture assessments of cloud environments a practical reality for security and compliance teams alike. It offers a unique approach to manage the firehose of security and compliance check results that can even modest AWS and GCP environments can surface, and its control definitions allow for simple yet powerful levels of introspection of its graph data model. https://darkbit.io/blog/announcing-opencspm #aws #gcp

🔴🔸Announcing OpenCSPM - An Open-Source Cloud Security Posture Management and Workflow Platform OpenCSPM is an open-source platform developed by Darkbit that aims to make continuous cloud security posture assessments of cloud environments a practical reality for security and compliance teams alike. It offers a unique approach to manage the firehose of security and compliance check results that can even modest AWS and GCP environments can surface, and its control definitions allow for simple yet powerful levels of introspection of its graph data model. https://darkbit.io/blog/announcing-opencspm #aws #gcp

🔸AWS Security Maturity Roadmap Written by Scott Piper <scott@summitroute.com> #aws