AWS Security. A compilation of stories written about… | by Teri Radichel | Cloud Security | Nov, 2022 | Solo Tech

There are over 100 posts in this series, which walks through implementing a secure AWS architecture with governance, and not done…not going to repeat all those here, so take a look at the links in the following post.

Short-term access to log into an AWS VM using an AWS IOT Button

What’s interesting about this particular post is that after publishing it, Azure implemented something called Just In Time access (JIT) on Azure with Privileged Access Management (PIM). You get limited access to a VM on Azure and when your time is up, access is shut off. Organizations can require people to request access prior to using it. Now this service is available in Azure for AWS EC2 instances (in preview at the time of this writing).

Why one of your favourite pentesting strategies doesn’t work on AWS

I was surprised just how popular this post has been over time. It was interesting to attend a presentation shortly after posting this at an event put on by an organization I work with. A copy of the diagram in this post was practically copied and put into the deck by the author. A different person was giving the talk with the slides and was surprised to see the slide and couldn’t explain it :-D. Please provide references and give credit when you use other people’s content.

Amazon DocumentDB Network Access — Why the VPC?

I’m repeatedly trying to explain network security to developers. I sometimes feel like I haven’t done a good enough job because the topic keeps coming up, but I’ll keep trying. This is one of those posts.

Keys to AWS Success

Also, you might be interested in this summary of Keys to AWS Success from Andy Jassy in a past AWS re:Invent keynote.

SSH to an AWS EC2 Instance with a Chromebook

My nephew was helping me test my AWS security classes and had a Chromebook. He’s one of the least interested in school and technology in my family and didn’t even last very long after I wrote this post — but ironically this is one of my most popular blog posts. (Though not into school or tech, he’s actually very good at math and just did an amazing job of adding brick pavers to our back yard. Everyone has their own “thing.”)

Simpler CloudFormation

Many people struggle with CloudFormation. I think that’s partly because of the way it’s presented. Hopefully this post makes it simpler to get started.

My History of DevSecOps

The first time I heard DevSecOps was when it was presented by some AWS security gurus at AWS re:Invent. That was part of my journey to AWS security.

.NET AWS Lambda Function

When AWS launched .NET for AWS Lambda, I took a look. Surprisingly, this has also been a very popular post. There must be a lot of people trying out .NET with AWS Lambda!

Zooma! Zoom! Zoom!

I tried running Zoom on an AWS Workspace instance. It worked for a while but had some issues. I wish this would work on a typical EC2 instance because AWS Workspaces are a bit expensive.

Step-by-step approach to installing Zoom on Amazon Workspaces

The issue I hit was that the driver started failing after initially working. I haven’t gotten back to testing this further. I’m also concerned about the security implications of installing this driver. I installed it on a machine specifically used for communications on a locked down network. I wish AWS would build a solution for this. (If they haven’t yet.)

Cross account AWS IAM roles with external IDs and MFA

I use MFA when performing AWS penetration tests. It works with AWS IAM but not AWS SSO. This post explains MFA with the AWS CLI and an external ID. In my first link in this post I have posts on the related security threat that an external ID helps protect against — the confused deputy attack.

Install Go on AWS EC2

Based on my stats, a lot of people are interested in using golang on AWS.

I wrote about the security benefits of Go here:

Real World Cloud Compromise

I gave a presentation for AWS Women in Tech on AWS application vulnerabilities found on penetration tests.

Serverless Security

In this presentation at RSA 2020 I talked about security services environments and a few issues I found on AWS penetration tests.

Red Team vs. Blue Team on AWS

In this presentation, Kolby Allen and I talk about attacks and defenses on AWS.

Security & Machine Learning

In these posts I explore security and machine learning, and I tried an Amazon DeepRacer.

AWS IAM Role Profiles with Boto3

In this post I explain how to use AWS IAM Roles with Boto3.

Mapping Attack Paths

This post talks about tools I use on AWS penetration tests to map out network attack paths.

AWS 2020 re:Invent Announcements

AWS Resources used in the Solar Winds Breach

This post explains how AWS resources were used in the Solar Winds Breach.

Hackers as Cloud Customers

Explained how attackers used AWS and Azure in the Solar Winds Breach.

What’s in Your Cloud?

My most popular post (sadly) on the Capital One Breach.

Amazon declined to testify at congressional hearing on SolarWinds hack

A post on click bait reporting.

On Becoming an AWS Hero

Container Escape in AWS HotPatch

Cloud Security Architecture

If you liked these posts you may also like this summary of Cloud Security Architecture posts.


Teri Radichel



© 2nd Sight Lab 2022


