Steyn Huizinga

CTO AWS | AWS APN Ambassador | AWS Premier Consulting Partner

First glance at AWS CloudFormation Guard 2.0

2021-05-18 3 min read AWS

Yesterday AWS CloudFormation Guard version 2.0 was introduced. Guard is an open source tool that can be used to validate CloudFormation templates against certain rules. You can use it for linting your templates on both syntax and semantics. Linting tools are essential in CI/CD pipelines and a powerful addition when it comes to validating structured and human-readable files such as JSON and YAML. In your delivery pipelines you would preferably run linting tests as early as possible, before proceeding to steps such as compile and deploy et cetera (fail-fast).


Defense in depth matters

2021-05-12 9 min read AWS

Recently a nasty vulnerability in AWS CloudShell was reported by Google’s Project Zero. Due to a bug in the library handling interaction with the shell and the browser, an attacker could trigger remote code execution. AWS CloudShell is a browser-based service that provides a pre-authenticated shell. The service is most often used by a user with administrator privileges on the AWS console.

Via the remote shell, the credentials of the user starting AWS CloudShell can be obtained and used to call AWS services. It goes without saying what the potential impact could have been. It would be easy to blame the developers for this vulnerability, but that would be too short-sighted. In general we all know that software is written by humans and that humans are prone to error. We need a more comprehensive approach to protect our digital assets and reputation.

[Image: Naarden-Vesting: Dutch version of defence in depth]


Optimizing your security footprint in AWS — part 2

2021-03-31 6 min read AWS

In the last few years the costs of running security have skyrocketed. We’ve seen an explosion of security solutions, all fighting for their own place in cybersecurity. I’m pretty sure each solution has its purpose, but from a CISO perspective the landscape is getting more complex and more expensive each year, or, phrased in a friendly way: less cost-effective.

Public cloud is the main driver for innovation. With the arrival of new thinking, new capabilities and reinventing how we run IT, things have changed tremendously.


Optimizing your security footprint in AWS — part 1

2021-03-23 6 min read AWS

In the last few years the costs of running security have skyrocketed. We’ve seen an explosion of security solutions, all fighting for their own place in cybersecurity. I’m pretty sure each solution has its purpose, but from a CISO perspective the landscape is getting more complex and more expensive each year, or, phrased in a friendly way: less cost-effective.

Public cloud is the main driver for innovation. With the arrival of new thinking, new capabilities and reinventing how we run IT, things have changed tremendously.
