ALERT to FIX in a MINUTE
As Rich and I have been talking about for years, the ability to move to automated cloud security operations remains one of the most compelling opportunities for improving security in [...]

In our last post, we walked through the console and highlighted making the most of the Security Hub console and some tips and tricks to make it more useful. Today I want to dive into one of the best parts of Security Hub — taking actions on events and findings.

Advanced Techniques for Defending AWS ExternalIDs and Cross-Account AssumeRole Access
Last month Kesten Broughton at Praetorian Security released some great research on third party cloud security products using Amazon’s preferred cross-account connection technique - AWS IAM Assume Role Vulnerabilities [...]

AWS Security Management with SecurityHub
Security has been a top concern with cloud adoption since its inception and as a result, security has been a top concern of cloud vendors as well. To help customers meet the security challenges of [...]

Easy Does It — Understanding Object Storage Public Data Exposure
One thing I’d like to avoid in narrating this journey through common Cloud Attack Killchains is the implication that cloud platform providers are doing an inherently bad job. The [...]

Hitting PaaS on Inadvertent Cloud Database Exposure
As we hit the third installment in our Top 10 Cloud Attack Killchains series you’re probably starting to notice that none of these attacks take a rocket scientist to pull off. If you’ve read the [...]

Unseen Exposure – Tackling the Pervasive Server Remote Access Issue
One of my philosophies regarding the proliferation of relatively straightforward cloud security issues – those that are basically uncomplicated, yet challenging to address based on sheer volume – is [...]

Don’t Start Static – Mitigating Cloud API Credential Exposure
And away we go! Here’s the first in our recently announced series on the Top 10 Cloud Attack Killchains – a set of blogs that aim to help you [...]