aws
Sometimes What Sounds Benign Can Bite You: An Unexpected Implication of Lambda Privileges
Learn how an AWS service usage and permissions combination discovered by Ermetic may increase risk upon a certain non-compliance The post Sometimes What Sounds Benign Can Bite You: An Unexpected Implication of ...
Aligning an Organization’s Attack Surface to Detection Surface is Key to Adversary Defense in Today’s Cloud Era
With the Cloud Era, the IT asset estate has expanded, and there is a diverse set of attack surfaces to defend. The term "attack surface" describes the growing IT asset estate, but ...
Detecting Threats in AWS with MixMode AI
As organizations increasingly operate within a hybrid on-premises and cloud environment, the need for advanced threat detection mechanisms becomes vital. Today I explore how The MixMode Platform leverages AWS CloudTrail and VPC ...
Checkmarx Details Potential Threats to AWS S3 Buckets
Checkmarx disclosed how cybercriminals can hijack S3 storage bucket binaries on the AWS cloud by replacing binaries with malicious ones ...
How KKday Protects Content, Reduces Costs, & Saves Time With DataDome
When scrapers targeted leading Taiwan-based travel platform KKday, DataDome integrated seamlessly with Amazon CloudFront to protect KKday & help reduce costs ...
AWS Expands Cloud Security Services Portfolio
Amazon Web Services (AWS) this week added a bevy of offerings and capabilities to its cloud security portfolio as part of an ongoing effort to automate the management of cloud security. Announced ...
Comparing Cloud Providers’ Shared Responsibility Models
More and more enterprises are becoming multi-cloud. And when evaluating cloud service providers (CSPs) for different needs, one important factor is security. Yet, CSPs aren’t responsible for securing everything—depending on the component ...
Assuming Roles in the Public Cloud: The Good, The Bad, and the Insecure
Migrating resources to the public cloud, also known as the “shift-left” mentality, helps organizations to optimize their infrastructure, resources, and staffing, as well as reduce overhead ...
Permiso Discovers Smishing Attack to Steal AWS Credentials
Permiso, a provider of a platform for correlating IT events to identities, today disclosed the discovery of an attack through which cybercriminals are employing text messages to steal credentials that enable them ...
Terraform Lab: Taking the New VPC Endpoint Condition Keys Out for a Spin
Our new open source Terraform project offers hands-on experience with VPC endpoints and demos AWS's new condition keys for securing EC2 instances The post Terraform Lab: Taking the New VPC Endpoint Condition ...