Tuesday, November 29, 2022

AWS Security. A compilation of stories written about… | by Teri Radichel | Cloud Security | Nov, 2022


A compilation of stories written about AWS by Teri Radichel

There are over 100 posts in this series, which walks through implementing a secure AWS architecture with governance and is not finished…not going to repeat all of those here, so check out the links in the following post.

Temporary access to log into an AWS VM using an AWS IOT Button

What’s interesting about this particular post is that after publishing it, Azure implemented something called Just In Time access (JIT) on Azure with Privileged Access Management (PIM). You get limited access to a VM on Azure and when your time is up, access is shut off. Organizations can require people to request access prior to using it. Now this service is available in Azure for AWS EC2 instances (in preview at the time of this writing).

Why one of your favorite pentesting techniques doesn’t work on AWS

I was shocked at just how popular this post has been over time. It was interesting to attend a presentation shortly after posting this at an event put on by a company I work with. A copy of the diagram in this post was virtually copied and put into the deck by the author. A different person was giving the talk with the slides and was shocked to see the slide and couldn’t explain it :-D. Please provide references and give credit when you carry other people’s content.

Amazon DocumentDB Network Access — Why the VPC?

I’m repeatedly trying to explain network security to developers. I often feel like I haven’t done a good enough job because the topic keeps coming up, but I’ll keep trying. This is one of those posts.

Keys to AWS Success

Also you might be interested in this summary of Keys to AWS Success from Andy Jassy in a past AWS re:Invent keynote.

SSH to an AWS EC2 Instance with a Chromebook

My nephew was helping me test my AWS security classes and had a Chromebook. He’s one of the least interested in school and technology in my family and didn’t even last very long after I wrote this post — but ironically this is one of my most popular blog posts. (Though not into school or tech, he’s actually superb at math and just did an amazing job of adding brick pavers to our back yard. Everyone has their own “thing.”)

Easier CloudFormation

Many people struggle with CloudFormation. I think that’s partially because of the way it’s presented. Hopefully this post makes it easier to get started.

My History of DevSecOps

The first time I heard DevSecOps was when it was presented by some AWS security gurus at AWS re:Invent. That was part of my journey to AWS security.

.NET AWS Lambda Function

When AWS released .NET for AWS Lambda, I took a look. Surprisingly this has also been a very popular post. There must be a lot of people trying out .NET with AWS Lambda!

Zooma! Zoom! Zoom!

I tried running Zoom on an AWS Workspace instance. It worked for a while but had some issues. I wish this would work on a standard EC2 instance because AWS Workspaces are a bit expensive.

Step-by-step approach to installing Zoom on Amazon Workspaces

The problem I hit was that the driver started failing after initially working. I haven’t gotten back to testing this further. I’m also concerned about the security implications of installing this driver. I installed it on a machine specifically used for communications on a locked down network. I wish AWS would build a solution for this. (If they haven’t yet.)

Cross account AWS IAM roles with external IDs and MFA

I use MFA when performing AWS penetration tests. It works with AWS IAM but not AWS SSO. This post explains how to use MFA with the AWS CLI and an external ID. In my first link in this post I have posts on the related security threat that an external ID helps protect against — the confused deputy attack.

Install Go on AWS EC2

Based on my stats, a lot of people are interested in using golang on AWS.

I wrote about the security benefits of Go here:

Real World Cloud Compromise

I gave a presentation for AWS Women in Tech on AWS application vulnerabilities found on penetration tests.

Serverless Security

In this presentation at RSA 2020 I talked about security services environments and a few issues I found on AWS penetration tests.

Red Team vs. Blue Team on AWS

In this presentation, Kolby Allen and I talk about attacks and defenses on AWS.

Security & Machine Learning

In these posts I explore security and machine learning, and I tried an Amazon DeepRacer.

AWS IAM Role Profiles with Boto3

In this post I explain how to use AWS IAM Roles with Boto3.

Mapping Attack Paths

This post talks about tools I use on AWS penetration tests to map out network attack paths.

AWS 2020 re:Invent Announcements

AWS Resources used in the Solar Winds Breach

This post explains how AWS resources were used in the Solar Winds Breach.

Hackers as Cloud Customers

Explained how attackers used AWS and Azure in the Solar Winds Breach.

What’s in Your Cloud?

My most popular post (sadly) on the Capital One Breach.

Amazon declined to testify at congressional hearing on SolarWinds hack

A post on click bait reporting.

On Becoming an AWS Hero

Container Escape in AWS HotPatch

Follow for updates.

Teri Radichel

If you liked this story please clap and follow:

******************************************************************

Medium: Teri Radichel or Email List: Teri Radichel
Twitter: @teriradichel or @2ndSightLab
Request services via LinkedIn: Teri Radichel or IANS Research

******************************************************************

© 2nd Sight Lab 2022

____________________________________________

Author:

Cybersecurity for Executives in the Age of Cloud on Amazon

Need Cloud Security Training? 2nd Sight Lab Cloud Security Training

Is your cloud secure? Hire 2nd Sight Lab for a penetration test or security assessment.

Have a Cybersecurity or Cloud Security Question? Ask Teri Radichel by scheduling a call with IANS Research.

Cybersecurity & Cloud Security Resources by Teri Radichel: Cybersecurity and Cloud security classes, articles, white papers, presentations, and podcasts


