Sending Events from Cloudwatch to Lambda
Sending CloudWatch/EventBridge Events (Like Guard Duty) to Lambda Someone [...]
ALERT to FIX in a MINUTE
ALERT to FIX in a MINUTE As Rich and I have [...]
Supercharging Security Hub: Part 4, Taking Action
In our last post, we walked through the console and highlighted making the most of the Security Hub console and some tips and tricks to make it more useful. Today I want to dive into one of the best parts of Security Hub — taking actions on events and findings.
Supercharging AWS Security Hub: Part 3, Taming the Console
In our last post we covered getting started with Security Hub and how to set up an optimized configuration, including prepping forward findings for alerting or remediation. Now although we’ve introduced the core capabilities, in this post we’ll walk through the different parts of the console...
Supercharging AWS Security Hub: Part 2, Get a Running Start
Continuing our dive into AWS Security hub let’s jump into setting up. Don’t worry, I won’t just rehash the AWS documentation; this post will cover our recommended configuration, how to push findings and events back into your security infrastructure...
Advanced Techniques for Defending AWS ExternalID and Cross-Account AssumeRole Access
Advanced Techniques for Defending AWS ExternalIDs and Cross-Account AssumeRole [...]
Easy Does It – Understanding Object Storage Public Data Exposure
Easy Does It — Understanding Object Storage Public Data [...]
Hitting PaaS on Inadvertent Cloud Database Exposure
Hitting PaaS on Inadvertent Cloud Database Exposure As we [...]
Unseen Exposure – Tackling the Pervasive Server Remote Access Issue
Unseen Exposure – Tackling the Pervasive Server Remote Access [...]
Don’t Start Static – Mitigating Cloud API Credential Exposure
Don’t Start Static – Mitigating Cloud API Credential [...]