Discover and read the best of Twitter Threads about #cloudsecurity

Most recents (19)

Understanding the most important and critical part of AWS Identity and Access Management -

"The IAM Policies"

A Thread 👇 PS: https://spaceliftio.wpc...
Hey Twitterverse!

Today, let's dive into the fascinating world of AWS Identity and Access Management (IAM) policies. IAM policies define permissions for AWS resources. Let's explore different types of IAM policies and see some examples. #IAM #AWS
1. First up, we have the "AWS managed policies." These are policies created and managed by AWS. They cover common use cases and are maintained by AWS to ensure compliance and security.

For example, "AmazonS3ReadOnlyAccess" allows read-only access to Amazon S3 resources.
Read 13 tweets
3 cloud-to-K8s best practices to mitigate the risk of a lateral movement attack 🛡

1️⃣ Avoid storing long-term #cloud keys in workloads
2️⃣ Remove kubeconfig files from publicly exposed workloads
3️⃣ Restrict access to container registries

Details in thread 🧵👇 #kubernetes
1️⃣ Avoid storing long-term #cloud keys in workloads

✅ Attach IAM roles/service accounts/managed identities to workloads and define minimum permissions.

✅ Generate and rotate temporary credentials using the IMDS for improved #cloudsecurity.

🧵 2/5
2️⃣ Remove kubeconfig files from publicly exposed workloads

✅ Remove kubeconfig files from exposed workloads, configure #K8s API server endpoint as private.

✅ Restrict access to specific IP addresses using a strictly configured #security group.

🧵 3/5
Read 5 tweets
State of the #Cloud 2023: An in-depth report on the latest trends and risks ⛈

#cloudsecurity #CNAPP #CISO #Engineer

Report highlights in thread 🧵 or download the full report for free here 👇
wiz.io/blog/the-top-c…
☁️ The responsibility of #security professionals to stay up-to-date on the state of the #cloud has never been greater.

🛡 With cloud adoption continuing to grow, it is crucial to proactively address potential threats and ensure secure deployment of solutions.

🧵2/6
☁️ The number of API calls increased by 15% in #AWS, 20% in #Azure, and 45% in #GCP, leading to expanded attack surfaces.

👨‍🏫 57% of companies use more than one #cloud platform, requiring greater knowledge from #cloudsecurity teams.

🧵3/6
Read 6 tweets
Retour sur la table ronde du Symposium : 100% cloud en 2030, mythe ou réalité ? avec présentation du Baromètre EY/CSA sur la maturité du marché en matière de cloud pour lequel + de 100 organisations de toutes tailles et secteurs ont été interrogées.

Un fil à dérouler. 🧵

1/5
Chiffres clefs :
- 64% des entreprises françaises ont déjà une stratégie cloud ou une dans leur vision court terme.
Parmi elles 36% ont un cloud public.
- 74% avec une solution cloud constatent l'amélioration de leur performance métier et 66% indiquent avoir gagné en agilité

2/5
Pourquoi les entreprises françaises passent-elles au cloud ?
- Faire des économies-
- Améliorer le cycle de développement IT
- Réduire l’obsolescence
- Réduire l’empreinte numérique

3/5
Read 6 tweets
Are you taking advantage of Rego's policy language for your #cloudsecurity needs?

If you're not, you need to check out these amazing resources to help get you started 🧵👇

#CSPM #Coding #CNAPP #CISO #DevSecOps
Gettting started with Open Policy Agent (OPA) to improve your #cloudsecurity!

💙 What is OPA and why should you use Rego
💙 How to write your first OPA policy

#CSPM #Coding #CNAPP #CISO #DevSecOps

🧵2/5
wiz.io/blog/getting-s…
Step 2: Learn the basics of Rego Wiz 👇

#CSPM #Coding #CNAPP #CISO #DevSecOps

🧵3/5

datocms-assets.com/75231/16745778…
Read 5 tweets
What is Microsoft Sentinel?
7 quick facts to help you understand how Sentinel can help you secure your environment 👇
1) Azure Sentinel is a Microsoft cloud-based SIEM solution that collects data from multiple sources (Microsoft Azure, M365, AWS, GCP, on-premises services).
2) Use Sentinel to collect, detect, investigate, and respond to security alerts for both on-premises and cloud systems.
Read 9 tweets
15 𝐅𝐑𝐄𝐄 𝐂𝐞𝐫𝐭𝐢𝐟𝐢𝐜𝐚𝐭𝐢𝐨𝐧 𝐩𝐫𝐨𝐯𝐢𝐝𝐞𝐝 𝐛𝐲 𝐭𝐡𝐞 𝐂𝐈𝐒𝐀 (Cyber & Infrastructure Security Agency of the United States)

1. Cloud Computing Security lnkd.in/dE62kGXX

2. Cloud Security - What Leaders Need to Know lnkd.in/dDSMg7xa
3. Cryptocurrency for Law Enforcement for the Public lnkd.in/dNkVm-4j

4. Cyber Supply Chain Risk Management for the Public lnkd.in/dxEaQA8w

5. Cyber-essentials lnkd.in/dCQr2ket

6. Don’t Wake Up to a Ransomware Attack lnkd.in/d36WV_g5
7. Foundations of Cybersecurity for Managers lnkd.in/dg4Ed4Gf

8. Fundamentals of Cyber Risk Management lnkd.in/dXjpdZMr

9. Introduction to Cyber Intelligence lnkd.in/dB9cgC99

10. Securing Internet-Accessible Systems lnkd.in/dv_nYHbP
Read 6 tweets
Best practices for implementing Cloud-Native DevOps:

1/5 Think cloud, adopt the cloud. Optimize technology with a variety of tools tailored for the cloud, but remain cloud-agnostic. #cloudcomputing #devops
2/5 Implement a dynamic security strategy. Security must be built into cloud-native development workflows and diligently monitored. Appoint a chief security officer if possible. #cloudsecurity #devops
3/5 Commit to ongoing training. Perform a self-audit, invest in training to address cloud skills gaps, and ensure employees give feedback on training content and maintenance. #cloudskills #devops
Read 6 tweets
Want to learn @awscloud Security but not sure where to start?

Here's a super-useful Learning Roadmap for AWS Security:

(Keep reading to get the full roadmap diagram👇 )
#awssecurity #cloudsecurity
Just starting out? You should learn the basics first.

Identity & Access Mgmt. is your first order of business. Understanding IAM will solve half your security problems in AWS.

Next up, Secrets in AWS! Cryptography, secure password storage, etc. are CRITICAL.

2/6
Next, go for VM & Network Security. Learn about VPC, Flow Logs & VM security.

Boost visibility in any AWS env. by monitoring & logging events with CloudWatch & CloudTrail.

Learn to automate vulnerability mgmt. with Amazon Inspector. Cut down on manual work with automation.

3/6
Read 7 tweets
☁️ Interested in Cloud Security? ☁️

Checkout these FREE resources to upskill your game.

🧵👇

#hacking #infosec #cloudsecurity #bugbounty #cybersecurity #pentesting
1️⃣ Cloud Security Fundamentals by @learntocloud

Link: learntocloud.guide/#/phase5/README
2️⃣ Hacking the cloud by @Frichette_n

Link: hackingthe.cloud
Read 6 tweets
With the latest news of #TwitterLayoffs, the TechCrunch news team gathered a list of who's #hiring in tech.

Let's take a look here at tech job openings 👇🧵
Read 14 tweets
Are you planning to become a Cloud Security Architecture?

But not sure what skills you need to become the one?

Then this 🧵is for you 👇

#cloudsecurity #aws #awssecurity #appsec #infosec
1 /

Understand how components work:

For starters, you need to have an intuitive understanding of how common security protocols and components work. Things like firewalls, network access, intrusion detection systems, etc.
2 /

Work with various operating systems:

You need to be aware of how operating systems like Windows, Linux, and macOS employ security.
Read 8 tweets
Live from #GartnerSEC | Outlook for #Cloud #Security with Charlie Winckless, Gartner Sr Director Analyst.

About this session: Cloud security remains a top priority. We'll summarizes the problems, recommended processes and new product types to address 3 key issues...
What are the unique risks associated with public cloud service providers, and how can they be controlled? What are the unique security challenges of IaaS and how can they be mitigated? What are the unique control challenges of SaaS and how can they be addressed? #GartnerSEC
"Cloud security is still security and the cloud is part of every business. It isn't just someone else's computer, it's a hugely complex interconnected set of services." #GartnerSEC Image
Read 17 tweets
1/15. $PANW: There are lots of #cloudsecurity startups competing w/ PANW, & also several next-gen platform startups (e.g., Orca, Lacework, Wiz).

We think PANW will still prevail as the undisputed cloud security giant. Here are some thoughts why.
2/15. At a high-level we surmise $PANW’s previous and future successes in the cloud are due to their:

a) longstanding expertise in DPI & application-centric awareness/security.
b) container management knowhow that has been largely influenced by $GOOGL recruits.
c) smart M&A.
3/15. One major advantage that firewall vendors like $PANW have is Deep Packet Inspection (DPI) & doing this at real-time speed. This entails inspecting the header & payload of each packet - from Layer 2 thru 7 of the OSI model.
Read 17 tweets
Here begins a fun thread of the finished lightboards that we make together during the ϟ Enlightning stream. ♫

Also- a big THANK YOU to all who come out to watch ϟ Enlightning, and also to those who take the time to watch the recording. I appreciate you.

@VMwareTanzu
What is a Small Batch Loop? Featuring guest @cote Image
Dockerfiles Vs. Cloud Native Buildpacks featuring guest @ciberkleid Image
Read 33 tweets
Made an awesome thread on ☁️Cloud Computing with a perspective of Security.
Save it, share it, utilize it!!🧵
#CloudComputing #cloudsecurity #cloud
Mentors: @DojoCyber @theXSSrat @TheParanoids @LilMzMuffinCup @cybersecmeg @0dayCTF @Alra3ees
• Cloud Computing Reference Architecture from Different Vendor’s Perspective, ijetae.com/files/Volume3I… (Links to an external site.)
• Privacy and Security on Cloud Data Storage Using Hybrid Encryption Technique, ijetae.com/files/Volume4I…
• Hacking in the cloud,onlinelibrary.wiley.com/doi/full/10.10…
- RSA ALGORITHM with Example, RSA ALGORITHM with Example
(Links to an external site.)
- What is Zero Trust Security?
• What is WOT (Web of Trust): en.wikipedia.org/wiki/Cloud_com…. - Wikipedia
Read 7 tweets
🗣 De qué hablamos cuando hablamos de POLP? El “Principio del Menor Privilegio” es, quizá, uno de los conceptos más complejos de abordar en términos prácticos. Sí, también es la idea de que cualquier usuario, programa o proceso debe tener los privilegios mínimos necesarios. Hilo.
🚨 Desde el punto de vista de plataformas (específicamente AWS), existen algunas herramientas destinadas a resolver la brecha entre complejidad de implementación y resultados, tema no menor teniendo en cuenta que adherir a dicho principio, ayuda a reducir superficies de ataque.
💡 Cloudsplaining: herramienta de evaluación y reporte de AWS IAM que identifica violaciones de privilegios mínimos 👉 github.com/salesforce/clo…
Read 6 tweets
Looking for the ultimate list of #CyberSecurity books you should read in 2021?!

Hold on a secon, cause here we go!
Please fav your top entries and comment your own picks bellow. And please please retweet to make this list a huge one. #InfoSec
Social Engineering: The Science of Human Hacking, 2nd Edition by the @humanhacker Christopher Hadnagy #socialengineering

amazon.com/-/dp/111943338…
Threat Modeling: Designing for Security (Englisch) Taschenbuch by
@adamshostack
#cybersecurity #threatmodelling #stride

amazon.com/-/dp/111880999…
Read 11 tweets
We are just starting our session @hasgeek. @abh1sek talking about data breaches and how they happen.

hasgeek.com/rootconf/data-…

Join the live stream on the webpage.

#datasecurity
Thank you @hasgeek for giving us this amazing platform to talk about what we love most #datasecurity #appsec
#cloudsecurity
Agenda for the session
Read 29 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!