Advanced Techniques for Defending AWS ExternalIDs and Cross-Account AssumeRole Access Last month Kesten Broughton at Praetorian Security released some great research on third party cloud security products using Amazon’s preferred cross-account connection technique -
AWS Security Management with SecurityHub Security has been a top concern with cloud adoption since its inception and as a result, security has been a top concern of cloud vendors as well. To help customers
Easy Does It — Understanding Object Storage Public Data Exposure One thing I’d like to avoid in narrating this journey through common Cloud Attack Killchains is the implication that cloud platform providers are doing
SSRF Defense Step 1: Protect Data Storage Targets In previous posts Rich Mogull discussed using IAM Roles to break the attacker kill chain in AWS. We are excited to announce that DisruptOps now supports guardrails to automatically ensure you’re not
Yes, Finding Public S3 Buckets Is Automated and Easy Attackers are automating the discovery of public AWS S3 buckets. Are you automating your security defense? We found a list of over 60,000 public S3 buckets. Verdict (a UK-based tech journal)
AWS RDP Scanning I came across a great post from Joseph Wood at HP last week, on the recent dramatic increase in RDP scanning in AWS -- specifically scanning of the RDP port. Down in the comments someone asked, “Why anyone
What You Need to Know About AWS Security Monitoring, Logging, and Alerting In terms of AWS security, first the good news: Amazon Web Services offers an impressive collection of security monitoring and logging capabilities. Now the bad news: these
Configuration mistakes. This is not a new issue. IT and Security Operations teams have been struggling with managing configurations for as long as they have existed. As organizations start down the cloud path, the problem becomes more acute. There are simply too
Over the past year I’ve seen a huge uptick in interest for concrete advice on handling security incidents inside the cloud, with cloud native techniques. As organizations move their production workloads to the cloud, it doesn’t take long
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.