🔷🔸Enter the Vault: Authentication Issues in HashiCorp Vault
Project Zero found two vulnerabilities in HashiCorp Vault and its integration with AWS and GCP, which can lead to an authentication bypass in configurations that use the aws and gcp auth methods. Both vulnerabilities (CVE-2020-16250/16251) were addressed by HashiCorp and are fixed in Vault versions 1.2.5, 1.3.8, 1.4.4 and 1.5.1 released in August.
https://googleprojectzero.blogspot.com/2020/10/enter-the-vault-auth-issues-hashicorp-vault.html
#aws #gcp
Project Zero found two vulnerabilities in HashiCorp Vault and its integration with AWS and GCP, which can lead to an authentication bypass in configurations that use the aws and gcp auth methods. Both vulnerabilities (CVE-2020-16250/16251) were addressed by HashiCorp and are fixed in Vault versions 1.2.5, 1.3.8, 1.4.4 and 1.5.1 released in August.
https://googleprojectzero.blogspot.com/2020/10/enter-the-vault-auth-issues-hashicorp-vault.html
#aws #gcp
Blogspot
Enter the Vault: Authentication Issues in HashiCorp Vault
Posted by Felix Wilhelm, Project Zero Introduction In this blog post I'll discuss two vulnerabilities in HashiCorp Vault and its integrati...
🔸A visual introduction to AWS Lambda permissions
Article explaining with visual examples the AWS Lambda permission model, focusing on cross-account access and the principle of least privilege.
https://dev.to/harprit/a-visual-introduction-to-aws-lambda-permissions-1k87
#aws
Article explaining with visual examples the AWS Lambda permission model, focusing on cross-account access and the principle of least privilege.
https://dev.to/harprit/a-visual-introduction-to-aws-lambda-permissions-1k87
#aws
🔸Use AWS Lambda Extensions to Securely Retrieve Secrets From HashiCorp Vault
HashiCorp announced the public preview of a HashiCorp Vault AWS Lambda extension, utilizing the newly announced AWS Lambda Extensions API (also in public preview) to securely retrieve secrets from HashiCorp Vault.
https://www.hashicorp.com/blog/aws-lambda-extensions-for-hashicorp-vault
#aws
HashiCorp announced the public preview of a HashiCorp Vault AWS Lambda extension, utilizing the newly announced AWS Lambda Extensions API (also in public preview) to securely retrieve secrets from HashiCorp Vault.
https://www.hashicorp.com/blog/aws-lambda-extensions-for-hashicorp-vault
#aws
GitHub
GitHub - hashicorp/vault-lambda-extension
Contribute to hashicorp/vault-lambda-extension development by creating an account on GitHub.
🔸Building the Next Evolution of Cloud Networks at Slack
An overview of the design decisions and tech choices made along the way for Slack’s brand-new network architecture redesign project.
https://slack.engineering/building-the-next-evolution-of-cloud-networks-at-slack/
#aws
An overview of the design decisions and tech choices made along the way for Slack’s brand-new network architecture redesign project.
https://slack.engineering/building-the-next-evolution-of-cloud-networks-at-slack/
#aws
🔸Public dataset of Cloudtrail logs from flaws.cloud
Scott Piper has released anonymized CloudTrail logs from flaws.cloud, his hands-on, free AWS security training challenges. The logs are roughly 240MB of largely attack data, covering over a 3.5 year span.
https://summitroute.com/blog/2020/10/09/public_dataset_of_cloudtrail_logs_from_flaws_cloud/
#aws
Scott Piper has released anonymized CloudTrail logs from flaws.cloud, his hands-on, free AWS security training challenges. The logs are roughly 240MB of largely attack data, covering over a 3.5 year span.
https://summitroute.com/blog/2020/10/09/public_dataset_of_cloudtrail_logs_from_flaws_cloud/
#aws
Summitroute
Summit Route - Public dataset of Cloudtrail logs from flaws.cloud
AWS Security Consulting
🔸Automate AWS Firewall Manager onboarding using AWS Centralized WAF and VPC Security Group Management solution
Learn how to automate AWS Firewall Manager onboarding using AWS Centralized WAF and VPC Security Group Management solution:
https://aws.amazon.com/ru/blogs/security/automate-aws-firewall-manager-onboarding-using-aws-centralized-waf-and-vpc-security-group-management-solution/?sc_channel=sm&sc_campaign=AWSSecurity_Blog&sc_publisher=TWITTER&sc_country=Security&sc_geo=GLOBAL&sc_outcome=adoption&trk=AWSSecurity_Blog_TWITTER&linkId=102181910
#aws
Learn how to automate AWS Firewall Manager onboarding using AWS Centralized WAF and VPC Security Group Management solution:
https://aws.amazon.com/ru/blogs/security/automate-aws-firewall-manager-onboarding-using-aws-centralized-waf-and-vpc-security-group-management-solution/?sc_channel=sm&sc_campaign=AWSSecurity_Blog&sc_publisher=TWITTER&sc_country=Security&sc_geo=GLOBAL&sc_outcome=adoption&trk=AWSSecurity_Blog_TWITTER&linkId=102181910
#aws
AWS_Security_Best_Practices.pdf
907.2 KB
🔸AWS Security Best Practices
August 2016
"We address the following topics:
• How security responsibilities are shared between AWS and you, the customer
• How to define and categorize your assets
• How to manage user access to your data using privileged accounts and groups
• Best practices for securing your data, operating systems, andnetwork
• How monitoring and alerting can help you achieve your security objectives
This whitepaper discusses security best practices in these areas at a high level"
#aws
August 2016
"We address the following topics:
• How security responsibilities are shared between AWS and you, the customer
• How to define and categorize your assets
• How to manage user access to your data using privileged accounts and groups
• Best practices for securing your data, operating systems, andnetwork
• How monitoring and alerting can help you achieve your security objectives
This whitepaper discusses security best practices in these areas at a high level"
#aws
🔸🔷🔴CloudSecDocs - very cool website about AWS, GCP, Azure and Container Security
For this moment:
- Access Management
- Infrastructure Security
- Logging & Monitoring
- Compute
- Storage
- Dev
- Offensive / Pentest
- Devops
cloudsecdocs.com
#aws #azure #gcp
For this moment:
- Access Management
- Infrastructure Security
- Logging & Monitoring
- Compute
- Storage
- Dev
- Offensive / Pentest
- Devops
cloudsecdocs.com
#aws #azure #gcp
🔸Secure data in AWS with Key Management Service (KMS)
Guide explaining core KMS concepts and showing how to encrypt your data and scale your data access management uniformly across disparate data services.
https://k9security.io/docs/secure-data-in-aws-with-key-management-service-kms/
#aws
Guide explaining core KMS concepts and showing how to encrypt your data and scale your data access management uniformly across disparate data services.
https://k9security.io/docs/secure-data-in-aws-with-key-management-service-kms/
#aws
🔸AWS Secure Environment Accelerator
The AWS Secure Environment Accelerator is a tool designed to help deploy and operate secure multi-account AWS environments on an ongoing basis. The configuration file enables the completely automated deployment of customizable architectures within AWS without changing a single line of code.
https://github.com/aws-samples/aws-secure-environment-accelerator
#aws
The AWS Secure Environment Accelerator is a tool designed to help deploy and operate secure multi-account AWS environments on an ongoing basis. The configuration file enables the completely automated deployment of customizable architectures within AWS without changing a single line of code.
https://github.com/aws-samples/aws-secure-environment-accelerator
#aws
This media is not supported in your browser
VIEW IN TELEGRAM
🔴🔸Announcing OpenCSPM - An Open-Source Cloud Security Posture Management and Workflow Platform
OpenCSPM is an open-source platform developed by Darkbit that aims to make continuous cloud security posture assessments of cloud environments a practical reality for security and compliance teams alike. It offers a unique approach to manage the firehose of security and compliance check results that can even modest AWS and GCP environments can surface, and its control definitions allow for simple yet powerful levels of introspection of its graph data model.
https://darkbit.io/blog/announcing-opencspm
#aws #gcp
OpenCSPM is an open-source platform developed by Darkbit that aims to make continuous cloud security posture assessments of cloud environments a practical reality for security and compliance teams alike. It offers a unique approach to manage the firehose of security and compliance check results that can even modest AWS and GCP environments can surface, and its control definitions allow for simple yet powerful levels of introspection of its graph data model.
https://darkbit.io/blog/announcing-opencspm
#aws #gcp
🔸AWS Network Firewall – New Managed Firewall Service in VPC
AWS Network Firewall lets you protect your VPC with your choice of stateless and stateful firewall rules that can inspect packets bidirectionally and even perform outbound URL filtering:
https://aws.amazon.com/ru/blogs/aws/aws-network-firewall-new-managed-firewall-service-in-vpc/
#aws
AWS Network Firewall lets you protect your VPC with your choice of stateless and stateful firewall rules that can inspect packets bidirectionally and even perform outbound URL filtering:
https://aws.amazon.com/ru/blogs/aws/aws-network-firewall-new-managed-firewall-service-in-vpc/
#aws
Forwarded from Svetlana Borodina
Public clouds most wanted: Azure skies or nasty dice? Webinar on November 25 at 16.00
At the webinar, experts will discuss the main issues of information security in public clouds and key aspects in it's protection. We will show a live demo of Check Point's Dome9, a Cloud Security Posture Management (CSPM) solution that automates governance across multi-cloud assets and services including visualization and assessment of security posture, misconfiguration detection, and enforcement of security best practices and compliance frameworks.
Issues for discussion:
📍 How not to lose control over resources settings in a public cloud
📍 How to protect against unauthorized changes and dangerous settings of public services and it's
📍 How to safely use microservices and kubernetes without creating additional risks for the company
Registration: https://events.webinar.ru/jet/cloudsecurity2511
At the webinar, experts will discuss the main issues of information security in public clouds and key aspects in it's protection. We will show a live demo of Check Point's Dome9, a Cloud Security Posture Management (CSPM) solution that automates governance across multi-cloud assets and services including visualization and assessment of security posture, misconfiguration detection, and enforcement of security best practices and compliance frameworks.
Issues for discussion:
📍 How not to lose control over resources settings in a public cloud
📍 How to protect against unauthorized changes and dangerous settings of public services and it's
📍 How to safely use microservices and kubernetes without creating additional risks for the company
Registration: https://events.webinar.ru/jet/cloudsecurity2511
Forwarded from Технологический Болт Генона
Take automated actions on your Security Command Center findings:
- Automatically create disk snapshots to enable forensic investigations.
- Revoke IAM grants that violate your desired policy.
- Notify other systems such as PagerDuty, Slack or email.
- See the full list of automations for more information.
You're in control:
- Service account runs with lowest permission needed granted at granularity you specify.
- You control which projects are enforced by each automation.
- Every action is logged to StackDriver and is easily auditable.
- Can be run in monitor mode where actions are logged only.
Security Response Automation
https://github.com/GoogleCloudPlatform/security-response-automation
🔸AWS access keys leak in GitHub repository and some improvements in Amazon reaction
Post testing Amazon's reaction to a case of leaked access keys, with analysis of the recent "AWSCompromisedKeyQuarantine" policy used to contain them.
https://rzepsky.medium.com/aws-access-keys-leak-in-github-repository-and-some-improvements-in-amazon-reaction-cc2e20e89003
🔸Learning from AWS (Customer) Security Incidents
Really interesting run through of real life security breaches that have happened to the AWS environments of high profile companies.
https://speakerdeck.com/ramimac/learning-from-aws-customer-security-incidents
#aws
Post testing Amazon's reaction to a case of leaked access keys, with analysis of the recent "AWSCompromisedKeyQuarantine" policy used to contain them.
https://rzepsky.medium.com/aws-access-keys-leak-in-github-repository-and-some-improvements-in-amazon-reaction-cc2e20e89003
🔸Learning from AWS (Customer) Security Incidents
Really interesting run through of real life security breaches that have happened to the AWS environments of high profile companies.
https://speakerdeck.com/ramimac/learning-from-aws-customer-security-incidents
#aws
Medium
AWS Access Keys Leak in GitHub Repository and Some Improvements in Amazon Reaction
AWS access keys leak via public code repository is quite known security problem. So common, that popular version control systems offer for…
🔸AWS Control Tower By Example
A hands-on walk-through of the the easiest way to set up and govern a secure, compliant, multi-account AWS environment based on best practices.
#aws
A hands-on walk-through of the the easiest way to set up and govern a secure, compliant, multi-account AWS environment based on best practices.
#aws
🔷 awesome-azure-security
A curated list of awesome Microsoft Azure Security tools, guides, blogs, and other resources.
https://github.com/kmcquade/awesome-azure-security
#azure
A curated list of awesome Microsoft Azure Security tools, guides, blogs, and other resources.
https://github.com/kmcquade/awesome-azure-security
#azure