Cloud 101

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Your Guide to IAM – and IAM Security in the Cloud
Published: 01/27/2023

Originally published by Ermetic. As user credentials become a coveted target for attackers, IAM (Identity Access Management) technologies are gaining popularity among enterprises. IAM tools are used in part to implement identity-based access security practices in the cloud. But is IAM security en...

Oops, I Leaked It Again — PII in Exposed Amazon RDS Snapshots
Published: 01/24/2023

Originally published by Mitiga on November 16, 2022. Written by Ariel Szarf, Doron Karmi, and Lionel Saposnik. TL; DR: The Mitiga Research Team recently discovered hundreds of databases being exposed monthly, with extensive Personally Identifiable Information (PII) leakage. Leaking PII in th...

Redshift Security: Attack Surface Explained
Published: 12/15/2022

Originally published by Dig Security. Written by Ofir Shaty and Ofir Balassiano, Dig Security. We have previously discussed (Access and Data Flows, Data Backups and Encryption) security best practices to implement least privileged access on Redshift and reduce the static risk associated with your...

AWS Security Groups Guide
Published: 12/15/2022

Originally published by Sysdig. Written by Brett Wolmarans, Sysdig. AWS Security Groups (and Network ACLs and VPCs) are some of the fundamental building blocks of security in your cloud environment. They are similar to firewalls, but are ultimately different. You have to understand this topic ve...

Removing the Fog from Cloud Compliance
Published: 11/22/2022

Originally published by Axonius. Written by Shlomit Alon, Axonius. “When I was told our company needs to ensure we’re cloud compliant, I was scratching my head, unsure where to begin.”Does that quote sound familiar? A risk analyst at a company wasn’t sure where to reduce risks in the foreboding ...

Diving Deeply into IAM Policy Evaluation – Highlights from AWS re:Inforce IAM433
Published: 11/21/2022

Originally published by Ermetic. Written by Noam Dahan, Ermetic. IAM433 has a good explanation of how and why permissions boundaries can be circumvented by resource policies. There’s a repeat tomorrow but it’s not recorded (chalk talk). This presentation should be made public and linked from ...

Change These 7 Security Settings After Creating a New AWS Account
Published: 11/17/2022

Originally published by Varonis. Written by Shane Waterford, Varonis. If you’ve just created your Amazon Web Services (AWS) account and are worried about AWS data security, you have a valid reason — unknown organization-wide settings or simple misconfigurations could put your data at risk of expo...

Uber Cybersecurity Incident: Which Logs Do IR Teams Need to Focus On?
Published: 11/15/2022

Originally published by Mitiga. Written by Or Aspir, Mitiga. On September the 16th, Uber announced they experienced a major breach in their organization in which malicious actor was able to log in and take over multiple services and internal tools used at Uber.In this incident, the attacker annou...

26 AWS Security Best Practices to Adopt in Production
Published: 10/11/2022

Originally published by Sysdig here. Written by Alejandro Villanueva, Sysdig. One of the most important pillars of a well-architected framework is security. Thus, it is important to follow these AWS security best practices to prevent unnecessary security situations. So, you’ve got a problem to so...

How Identifying UserData Script Manipulation Accelerates Investigation
Published: 09/12/2022

Originally published by Mitiga here. Written by Doron Karmi, Mitiga. UserData script manipulation by threat actors is a technique that has been known in the wild for several years and has been observed being exploited by many attack groups. Abuse of the AWS EC2 instance UserData attribute could l...

How Can Transit Gateway VPC Flow Logs Help My Incident & Response Readiness?
Published: 08/26/2022

Originally published by Mitiga here. Written by Or Aspir, Mitiga. On July 14th 2022, AWS announced a new capability: flow logs for Transit Gateway. Transit Gateway VPC flow logs allows users to gain more visibility and insights into network traffic on the Transit Gateway.AWS highlights these ...

How to Protect Data in AWS S3
Published: 07/22/2022

This blog was originally published by BigID here. Written by Dimitri Sirota, BigID. S3 object store has become a popular foundation for storing unstructured documents and mixed file types with elastic scale. However, like with any wide and deep data lake, it creates unique data security challenge...

How To Secure S3 Buckets Effectively
Published: 07/14/2022

This blog was originally published by Panther here. Written by Kartikey Pandey, Panther. Six supercharged tips to reduce S3 bucket-related threats and ensure ‘water-tight’ cloud securityWhen it comes to AWS security, S3 buckets are undeniably the most vulnerable aspect of it all. Misconfigured S3...

Vulnerable AWS Lambda Function – Initial Access in Cloud Attacks
Published: 06/10/2022

This blog was originally published by Sysdig here. Written by Stefano Chierici, Sysdig. Our security research team prepared to explain a real attack scenario from the black box and white box perspective on how a vulnerable AWS Lambda function could be used by attackers as initial access into your...

The End of AWS Keys in Slack Channels
Published: 03/31/2022

This blog was originally published by DoControl here. Written by Adam Gavish, DoControl. It’s time for security teams to enforce stronger controls over the sharing of AWS keys in Slack.Slack (and Microsoft Teams) revolutionized the way organizations collaborate efficiently, especially in the work...

Too Much of a Good Thing — Too Much Flexibility in Permission Management is Putting IAM Security at Risk
Published: 01/06/2022

This blog was originally published by Authomize here. Written by Gabriel Avner, Authomize. As cloud services like Salesforce, AWS, and others have grown more robust over time, they have added more options for how IAM security teams can manage their organizations’ access policies.This increased fl...

Capital One Breach: Is Your AWS Environment Just as Susceptible?
Published: 12/20/2021
Author: Erkang Zheng

This blog was originally published on August 9, 2019 by JupiterOne. The Opportunity for Security Teams It’s been a little over a week since the coverage of the Capital One data breach. The impact of 100 million plus records that were compromised breathed gasoline onto the fiery debate as to w...

How to Adhere to the AWS Well Architected Framework
Published: 12/10/2021

Originally Published on Fugue’s Website on November 24, 2021 By Becki Lee, Senior Technical Writer The Amazon Web Services Well-Architected Framework is a set of recommendations AWS provides for designing infrastructure for cloud applications and workloads. By following the guidance in the ...

5 Best Practices to Reduce the Attack Surface in the Cloud
Published: 11/10/2021

This blog was originally published by Virsec here. Written by Matt Ambroziak, Virsec. Over the last 18 months the cloud has gone mainstream. In case you need proof, Gartner forecasts end-user spending on public cloud services to grow 23.1% in 2021 to total $332.3 billion, up from $270 billion...

Top Network Security Mistakes in AWS, and How to Fix Them
Published: 10/18/2021

This blog was originally published by Valtix here. Written by Jigar Shah, Valtix. A Two-part Blog Series and Cloud Security Alliance Webinar In talking with end-user organizations, we’ve seen and heard lots of misconceptions and mistakes over the years – and even espoused a few ourselves. As H...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.