The Inner Circle

Weekly Cloud and Security Watch Newsletter - September 6th, 2020

  • 1.  Weekly Cloud and Security Watch Newsletter - September 6th, 2020

    Posted 9 days ago
    Edited by Olivier Caleff 9 days ago

    Weekly Cloud and Security Watch Newsletter - August 31st to September 6th, 2020

    ________________________________________
    Full Newsletter with links ⇒ CloudSecurityAlliance.fr/go/K96/
    ________________________________________

    1 - CSA News and Updates - August 31st to September 6th

    • French Chapter's Blog
      • Intermediate Status and Outlook for 2020
      • Gartner's Hype Cycle 'Cloud Security' (July 2020)
    • CSA's Blog
      • 'Get Quantum Ready'

    2 - Cloud and Security News Watch (over 120 links)

    • Must read
      • Cloud Security: A Primer for Policymakers by the Carnegie Endowment for Internatinal Peace think tank
      • SaaS Continuity Control Certification Framework
    • Attacks, Incidents, Leaks, Threats, Vulnerabilities, Outages
      • Attacks: New analysis of the 'Team TNT' Crypto-Mining Worm • Life Cycle of a Compromised (Cloud) Server • O365 Phishing • The Cloud to Mitigate the Maze Ransomware?
      • Leaks: Yet Another Unsecured Database
      • Threats: Aiming at Service Accounts • and at the SaaS
      • Vulnerabilities: Privilege Escalation in AWS EKS • GCP API bug
    • Best Practices, and Detection
      • Best Practices: AWS (Amazon), workloads (Illumio), Office 365 (CipherCloud)
    • Reports, Surveys, Studies, Publications
      • Reports: '2020 Insider Threat Report' (Bitglass)
      • Studies: 'Hype Cycle for Cloud Security' (Gartner via Fortanix) • '2020 Magic Quadrant for Cloud Infrastructure and Platform Services' (Gartner)
    • Cloud Services Providers, Solutions, and Tools
      • AWS: General Availability of Bottlerocket, new open source Linux-based OS built to run containers (Amazon) • GuardDuty Security Review (Forgenix) • Caring for the Most Common Pentest Vulnerabilities (Cobalt)
      • Azure: Azure Security Center • Azure AD • Culture of Reliability • 'Confidential Computing'
      • Governance: David das Neves' Position• AWS vs. Azure vs. Google Cloud Governance Models (Park My Cloud)
      • OVH: Hosted Private Cloud Offering Enhanced
      • Kubernetes: Protecting Against Kubernetes Threats (8/9) • Kubernetes Cluster (in)security • Deprecated APIs Handling
      • Containers: Security Terminology
      • Workloads: Shared Responsibility
    • Podcasts, Weekly 'Cloud and Security' Watch
      • Podcasts: Automating Your IAM Roles • Azure Identity Management • GKE Turns Five • 'Under the Hood On the CenturyLink / Level 3 Outage'
      • Weekly Newsletters: TL;DR Security #50 • The Cloud Security Reading List#53
    • Miscellaneous
      • Essential Books on Cloud Security • on AWS!!3 - Agenda
      • Cloud Assets Tracking

    3 - Agenda

    • September 2020
      • 7/9 → CSA : ASEAN Virtual Summit
      • 8 / 25 → CSA : 'SECtember Experience' Webinars
      • 23 / 24 → BIRP : Forum Sécurité@Cloud • Paris, Porte de Versailles

    4 - Link

    ________________________________________

    ________________________________________
    #Watch
    ________________________________________

    ------------------------------
    Olivier Caleff - CSA French Chapter - Chapter Leader - olivier.caleff@cloudsecurityalliance.fr - https://CloudSecurityAlliance.fr
    ------------------------------
    ​​