A high-severity CVE was released that affects the Linux kernel, allowing unprivileged users to escalate those rights to root and escape from the container.   #attack   #containers   #kubernetes

Post explaining the security problems the Mercari team faced in their Terraform environment, and how they improved the situation.   #ci/cd   #defend   #terraform

This repository seeks to index all publicly disclosed AWS customer security incidents with a known root cause.   #attack   #aws

GuardDuty can now monitor Kubernetes clusters within your AWS environment.   #aws   #monitor

A writeup describing the journey on finding and reporting databases with sensitive data about Fortune-500 companies, hospitals, crypto platforms, startups, and more.   #attack   #aws

Post examining EMR's default roles and managed policies to understand if they follow security best practices of least privileges.   #aws   #iam

A detailed comparison of two HashiCorp-supported methods for HashiCorp Vault and Kubernetes integration.   #explain   #kubernetes   #vault

How to get authentication working correctly in EKS from the beginning.   #aws   #build   #kubernetes

Istio version 1.12.0 and 1.12.1 are vulnerable to a privilege escalation attack. Users who have CREATE permission for gateways.gateway.networking.k8s.io objects can escalate this privilege to create other resources that they may not have access to, such as Pod.   #attack   #kubernetes

Stratus Red Team is "Atomic Red Team™" for the cloud, allowing to emulate offensive attack techniques in a granular and self-contained manner.

Hundreds of Offensive and Useful Docker Images for Network Intrusion.

Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpoints.

Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect.

This repository contains free labs for setting up an entire workflow and DevOps environment from a real-world perspective in AWS.

GuardDuty has now the ability to detect when your EC2 instance credentials are being used from another AWS Account.

A new whitepaper from AWS which outlines recommendations for implementing AWS WAF to protect existing and new web applications.

How to provide a single sign-in experience to Windows EC2 instances using AWS Fleet Manager with AWS SSO, enabling you to login with your AWS SSO identity, or any supported identity provider to AWS SSO.

How to deploy a solution to enrich AWS Security Hub findings with additional account-related metadata, such as the account name, the Organization Unit (OU) associated with the account, security contact information, and account tags.

Post providing guidance to determine your requirements for tokenization, with an emphasis on the compliance lens.

A set of controls to leverage when creating data products in compliance with security and regulatory requirements using Google Cloud services.

Some lessons learned while applying the VPC-Service Controls (a.k.a. VPC-SC) to one complex network infrastructure.