aws
AWS Security Trends of 2022: Five Themes and Why They Matter
Building securely in the cloud can feel daunting given the sheer volume of ever-changing information to review, assess, and deconflict for your business needs. For example, AWS releases countless updates, new features, ...
AWS Adds More Tools to Secure Cloud Workloads
Amazon Web Services (AWS) today expanded its portfolio of cloud security tools as part of an ongoing effort to make it simpler to secure application environments running on its infrastructure. The additional ...
Chaining MFA-Enabled IAM Users with IAM Roles for Potential Privilege Escalation in AWS
Overview In AWS, sts:AssumeRole is an action within AWS’s Security Token Service that allows existing IAM principals to access AWS resources to which they may not already have access. For example, Role ...
6.5TB of Sensitive Data Flies Away in Airline Cloud Data Breach
Reading Time: 4 minutes So What Happened? Just a few days ago, Pegasus Airline experienced a high-magnitude AWS data breach compromising 6.5TB of data. Ultimately, 23 million files were publicly exposed, including ...
Avoid AWS Effective Permissions Pitfalls
Reading Time: 5 minutes Understand the difference between fact and fiction when it comes to your effective permissions reducing complexity in your public cloud ...
CodeSec by Contrast Security – Evaluator Guide
CodeSec by Contrast brings enterprise-level security right to your development workflow for free. Make code and serverless security simple and efficient with quick scan times, market-leading accuracy, actionable results and seamless integration ...
6 Tips for Successfully Securing Your AWS Environment
Top six actions and practices you can take to protect your AWS environment today. The post 6 Tips for Successfully Securing Your AWS Environment appeared first on Ermetic ...
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of April 18, 2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us ...
Anitian Achieves AWS DevOps Competency Status
Anitian achieves Amazon Web Services (AWS) DevOps Competency, validating its technical proficiency and proven customer success specializing in DevSecOps. The post Anitian Achieves AWS DevOps Competency Status appeared first on Anitian ...
Access Undenied on AWS
Ermetic is launching a new open-source tool: Access Undenied on AWS. The tool parses AWS AccessDenied CloudTrail events, explains the reasons for them and offers actionable fixes. The post Access Undenied on ...