AWS Security Trends of 2022: Five Themes and Why They Matter

AWS Security Trends of 2022: Five Themes and Why They Matter

Building securely in the cloud can feel daunting given the sheer volume of ever-changing information to review, assess, and deconflict for your business needs. For example, AWS releases countless updates, new features, ...
Rhysida ransomware decryptor

AWS Adds More Tools to Secure Cloud Workloads

Amazon Web Services (AWS) today expanded its portfolio of cloud security tools as part of an ongoing effort to make it simpler to secure application environments running on its infrastructure. The additional ...
Security Boulevard
Chaining MFA-Enabled IAM Users with IAM Roles for Potential Privilege Escalation in AWS

Chaining MFA-Enabled IAM Users with IAM Roles for Potential Privilege Escalation in AWS

 Overview In AWS, sts:AssumeRole is an action within AWS’s Security Token Service that allows existing IAM principals to access AWS resources to which they may not already have access. For example, Role ...
aws data breach

6.5TB of Sensitive Data Flies Away in Airline Cloud Data Breach

Reading Time: 4 minutes So What Happened? Just a few days ago, Pegasus Airline experienced a high-magnitude AWS data breach compromising 6.5TB of data. Ultimately, 23 million files were publicly exposed, including ...
aws effective permissions

Avoid AWS Effective Permissions Pitfalls

Reading Time: 5 minutes Understand the difference between fact and fiction when it comes to your effective permissions reducing complexity in your public cloud ...
CodeSec by Contrast Security - Evaluator Guide

CodeSec by Contrast Security – Evaluator Guide

CodeSec by Contrast brings enterprise-level security right to your development workflow for free. Make code and serverless security simple and efficient with quick scan times, market-leading accuracy, actionable results and seamless integration ...
Excessive Permissions

6 Tips for Successfully Securing Your AWS Environment

| | aws
Top six actions and practices you can take to protect your AWS environment today. The post 6 Tips for Successfully Securing Your AWS Environment appeared first on Ermetic ...

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of April 18, 2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us ...

Anitian Achieves AWS DevOps Competency Status

Anitian achieves Amazon Web Services (AWS) DevOps Competency, validating its technical proficiency and proven customer success specializing in DevSecOps. The post Anitian Achieves AWS DevOps Competency Status appeared first on Anitian ...
"Access Undenied: Automatically discovering reasons for Access Denied messages in IAM" - Noam Dahan

Access Undenied on AWS

| | aws
Ermetic is launching a new open-source tool: Access Undenied on AWS. The tool parses AWS AccessDenied CloudTrail events, explains the reasons for them and offers actionable fixes. The post Access Undenied on ...