Weekly Cloud and Security Watch Newsletter - August 31st to September 6th, 2020
________________________________________
Full Newsletter with links ⇒ CloudSecurityAlliance.fr/go/K96/________________________________________
1 - CSA News and Updates - August 31st to September 6th
- French Chapter's Blog
- Intermediate Status and Outlook for 2020
- Gartner's Hype Cycle 'Cloud Security' (July 2020)
- CSA's Blog
2 - Cloud and Security News Watch (over 120 links)
- Must read
- Cloud Security: A Primer for Policymakers by the Carnegie Endowment for Internatinal Peace think tank
- SaaS Continuity Control Certification Framework
- Attacks, Incidents, Leaks, Threats, Vulnerabilities, Outages
- Attacks: New analysis of the 'Team TNT' Crypto-Mining Worm • Life Cycle of a Compromised (Cloud) Server • O365 Phishing • The Cloud to Mitigate the Maze Ransomware?
- Leaks: Yet Another Unsecured Database
- Threats: Aiming at Service Accounts • and at the SaaS
- Vulnerabilities: Privilege Escalation in AWS EKS • GCP API bug
- Best Practices, and Detection
- Best Practices: AWS (Amazon), workloads (Illumio), Office 365 (CipherCloud)
- Reports, Surveys, Studies, Publications
- Reports: '2020 Insider Threat Report' (Bitglass)
- Studies: 'Hype Cycle for Cloud Security' (Gartner via Fortanix) • '2020 Magic Quadrant for Cloud Infrastructure and Platform Services' (Gartner)
- Cloud Services Providers, Solutions, and Tools
- AWS: General Availability of Bottlerocket, new open source Linux-based OS built to run containers (Amazon) • GuardDuty Security Review (Forgenix) • Caring for the Most Common Pentest Vulnerabilities (Cobalt)
- Azure: Azure Security Center • Azure AD • Culture of Reliability • 'Confidential Computing'
- Governance: David das Neves' Position• AWS vs. Azure vs. Google Cloud Governance Models (Park My Cloud)
- OVH: Hosted Private Cloud Offering Enhanced
- Kubernetes: Protecting Against Kubernetes Threats (8/9) • Kubernetes Cluster (in)security • Deprecated APIs Handling
- Containers: Security Terminology
- Workloads: Shared Responsibility
- Podcasts, Weekly 'Cloud and Security' Watch
- Podcasts: Automating Your IAM Roles • Azure Identity Management • GKE Turns Five • 'Under the Hood On the CenturyLink / Level 3 Outage'
- Weekly Newsletters: TL;DR Security #50 • The Cloud Security Reading List#53
- Miscellaneous
- Essential Books on Cloud Security • on AWS!!3 - Agenda
- Cloud Assets Tracking
3 - Agenda
- September 2020
- 7/9 → CSA : ASEAN Virtual Summit
- 8 / 25 → CSA : 'SECtember Experience' Webinars
- 23 / 24 → BIRP : Forum Sécurité@Cloud • Paris, Porte de Versailles
4 - Link
________________________________________
________________________________________
#Watch ________________________________________
------------------------------
Olivier Caleff - CSA French Chapter - Chapter Leader -
[email protected] -
https://CloudSecurityAlliance.fr------------------------------