fa
Feedback
CloudSec Wine

CloudSec Wine

رفتن به کانال در Telegram

All about cloud security Contacts: @AMark0f @dvyakimov About DevSecOps: @sec_devops

نمایش بیشتر
2 228
مشترکین
اطلاعاتی وجود ندارد24 ساعت
+17 روز
+330 روز
آرشیو پست ها
🔸AWS Secure Environment Accelerator The AWS Secure Environment Accelerator is a tool designed to help deploy and operate sec
🔸AWS Secure Environment Accelerator The AWS Secure Environment Accelerator is a tool designed to help deploy and operate secure multi-account AWS environments on an ongoing basis. The configuration file enables the completely automated deployment of customizable architectures within AWS without changing a single line of code. https://github.com/aws-samples/aws-secure-environment-accelerator #aws

unit-42-cloud-threat-report-2h-2020 (1).pdf4.23 MB

photo content

🔸Secure data in AWS with Key Management Service (KMS) Guide explaining core KMS concepts and showing how to encrypt your dat
🔸Secure data in AWS with Key Management Service (KMS) Guide explaining core KMS concepts and showing how to encrypt your data and scale your data access management uniformly across disparate data services. https://k9security.io/docs/secure-data-in-aws-with-key-management-service-kms/ #aws

🔸🔷🔴CloudSecDocs - very cool website about AWS, GCP, Azure and Container Security For this moment: - Access Management - In
🔸🔷🔴CloudSecDocs - very cool website about AWS, GCP, Azure and Container Security For this moment: - Access Management - Infrastructure Security - Logging & Monitoring - Compute - Storage - Dev - Offensive / Pentest - Devops cloudsecdocs.com #aws #azure #gcp

🔸AWS Security Best Practices August 2016 "We address the following topics: • How security responsibilities are shared between AWS and you, the customer • How to define and categorize your assets • How to manage user access to your data using privileged accounts and groups • Best practices for securing your data, operating systems, andnetwork • How monitoring and alerting can help you achieve your security objectives This whitepaper discusses security best practices in these areas at a high level" #aws

🔸Automate AWS Firewall Manager onboarding using AWS Centralized WAF and VPC Security Group Management solution Learn how to
🔸Automate AWS Firewall Manager onboarding using AWS Centralized WAF and VPC Security Group Management solution Learn how to automate AWS Firewall Manager onboarding using AWS Centralized WAF and VPC Security Group Management solution: https://aws.amazon.com/ru/blogs/security/automate-aws-firewall-manager-onboarding-using-aws-centralized-waf-and-vpc-security-group-management-solution/?sc_channel=sm&sc_campaign=AWSSecurity_Blog&sc_publisher=TWITTER&sc_country=Security&sc_geo=GLOBAL&sc_outcome=adoption&trk=AWSSecurity_Blog_TWITTER&linkId=102181910 #aws

🔸Public dataset of Cloudtrail logs from flaws.cloud Scott Piper has released anonymized CloudTrail logs from flaws.cloud, his hands-on, free AWS security training challenges. The logs are roughly 240MB of largely attack data, covering over a 3.5 year span. https://summitroute.com/blog/2020/10/09/public_dataset_of_cloudtrail_logs_from_flaws_cloud/ #aws

🔸Building the Next Evolution of Cloud Networks at Slack An overview of the design decisions and tech choices made along the
🔸Building the Next Evolution of Cloud Networks at Slack An overview of the design decisions and tech choices made along the way for Slack’s brand-new network architecture redesign project. https://slack.engineering/building-the-next-evolution-of-cloud-networks-at-slack/ #aws

🔸Use AWS Lambda Extensions to Securely Retrieve Secrets From HashiCorp Vault HashiCorp announced the public preview of a HashiCorp Vault AWS Lambda extension, utilizing the newly announced AWS Lambda Extensions API (also in public preview) to securely retrieve secrets from HashiCorp Vault. https://www.hashicorp.com/blog/aws-lambda-extensions-for-hashicorp-vault #aws

🔸A visual introduction to AWS Lambda permissions Article explaining with visual examples the AWS Lambda permission model, fo
🔸A visual introduction to AWS Lambda permissions Article explaining with visual examples the AWS Lambda permission model, focusing on cross-account access and the principle of least privilege. https://dev.to/harprit/a-visual-introduction-to-aws-lambda-permissions-1k87 #aws

🔷🔸Enter the Vault: Authentication Issues in HashiCorp Vault Project Zero found two vulnerabilities in HashiCorp Vault and its integration with AWS and GCP, which can lead to an authentication bypass in configurations that use the aws and gcp auth methods. Both vulnerabilities (CVE-2020-16250/16251) were addressed by HashiCorp and are fixed in Vault versions 1.2.5, 1.3.8, 1.4.4 and 1.5.1 released in August. https://googleprojectzero.blogspot.com/2020/10/enter-the-vault-auth-issues-hashicorp-vault.html #aws #gcp

Serverless Seurity #aws #azure #gcp

photo content

🔸Offensive Terraform Modules Collection of (automated) offensive attack modules defined as Infrastructure as Code (IAC). htt
🔸Offensive Terraform Modules Collection of (automated) offensive attack modules defined as Infrastructure as Code (IAC). https://offensive-terraform.github.io/ #aws

🔸AWS IAM explained for Red and Blue teams Article trying to shine some light on IAM, as well as some ways to enumerate it with different tools. https://medium.com/bugbountywriteup/aws-iam-explained-for-red-and-blue-teams-2dda8b20fbf7 #aws

🔸AWS Digital Forensics Automation at Goldman Sachs Goldman Sachs has automated an event-driven cloud response solution that
🔸AWS Digital Forensics Automation at Goldman Sachs Goldman Sachs has automated an event-driven cloud response solution that uses AWS native services to successfully collect disk and memory evidence from Amazon EC2 instances. The solution uses AWS security services Amazon GuardDuty and AWS Security Hub. It also leverages a variety of services such as AWS Lambda, AWS Step Functions, and AWS Systems Manager (SSM). This Tech Talk provides an overview of Goldman Sachs' environment and a deep dive on how they built automation for digital forensics using AWS native services. https://youtu.be/CR4_a-TO_gw #aws

🔸Security Architecture Review Of A Cloud Native Environment Walkthrough of a cloud security assessment performed on an organ
🔸Security Architecture Review Of A Cloud Native Environment Walkthrough of a cloud security assessment performed on an organisation which had recently moved their infrastructure from an on-prem to a cloud native solution (AWS). https://notsosecure.com/security-architecture-review-of-a-cloud-native-environment/ #aws

🔸Awesome AWS S3 - Security, Tools and Intel Collection of tools, techniques and useful links concerning security and exposed AWS S3 Buckets https://github.com/mxm0z/awesome-sec-s3#awesome-aws-s3---security-tools-and-intel #aws

🔸iam-policies-cli A CLI tool for building simple to complex IAM policies based on CloudFormation templates. https://github.com/mhlabs/iam-policies-cli #aws