________________________________________
Full Newsletter with links ⇒
CloudSecurityAlliance.fr/go/K8N/
________________________________________
- Fill in the new CSA survey on Cloud Adoption in 2020
- CCSK training in French and English end of August : You can still register !
- Publication: "CSA's Perspective on Cloud Risk Management"
- Press Release: CSA and ISACA Announce Strategic Partnership on CCAK
- Conference: Feedback on the 'CSA CloudCon 2020'
- Must Read
- Team TNT, a Cryptomining Botnet Steals AWS Credentials (Cado Security)
- The State of Vulnerability Management in the Cloud and On-Premises (IBM X-Force & Ponemon)
- Attacks, Incidents, Leaks, Threats, Vulnerabilities, Outages
- Attacks: Team TNT (AWS) • Containers visés (Aqua Security)
- Threats: Embedded Cryptominer Found in AWS Community AMI (Mitiga) • Insecure S3 buckets (CERT-EU) • Règles dans O365 (SANS, Martin Rothe)
- Vulnérabilities: Lateral Movement from Azure to On-Prem AD (SpecterOps) • Potential Security Flaw in Kubernetes (Cyberark)
- Outages: Slack on august 19th, GCP and Gmail on 20th
- Reports, Surveys, Studies
- Reports: '2020 Container Security Snapshot' (Sysdig) • 'The State of Vulnerability Management in the Cloud and On-Premises' (IBM X-Force & Ponemon) • Blackblaze Quarterly Stats
- Surveys: '2020 Enterprise Cloud Trend' (2nd Watch)
- Market, Acquisitions
- Acquisitions : Amazon in talks with Rackspace
- Cloud Services Providers, Solutions
- AWS: Défense in Depth • Meta-data Leaks • Miscellaneous
- Azure: Security licenses and Microsoft 365 Cmopliance • AzureAD • AzureAD Connect APIs • Azure PowerShell in a Docker Container • Controls • Résilience with Kubernetes
- GCP: Logging & Log Storage • APIs to Manage Cloud Identity Groups
- Docker: Images Retention Policy Changes at Docker Hub
- Kubernetes: articles on RBAC
- Podcasts, Weekly 'Cloud and Sécurité' Watch
- Podcasts: Secure Environments in GCP
- Watch: TL;DR Security #48, The Cloud Security Reading List #51
- Miscellaneous
- Cloud Threat Hunting
- Threat Modeling in a Container Environmente
- Privacy in the Cloud
- NIST SP 800-207 document on Zero Trust Architecture
- August 2020
- 31 → End of the call for papers for the CSA EMEA 2020 Congress
- 31 → CCSK / CCSK Plus trainings in frnech
- September 2020
- 8 / 25 → CSA : 'SECtember Experience' Webinars
- 23 / 24 → BIRP : Forum Sécurité@Cloud • Paris, Porte de Versailles
________________________________________
#Watch________________________________________
------------------------------
Olivier Caleff - CSA French Chapter - Chapter Leader -
[email protected] -
https://CloudSecurityAlliance.fr------------------------------