Weekly Cloud and Security Watch Newsletter - October 12th to 18th, 2020
________________________________________
Full newsletter with links ⇒ CloudSecurityAlliance.fr/go/KAI/
________________________________________
1 - CSA News and Updates - October 12th to 18th, 2020
- Fill in the new CSA survey on Cloud Adoption in 2020
- Publication: 'Cloud OS Security Specification v2.0'
- Podcast: 'The Business Value of STAR Attestation'
- Blog: 'What is the Cloud Controls Matrix (CCM)?'
- Blog: 'CCSK Success Stories: From a Security Consultant'
- Blog: 'How to Address the Security Risks of Cloud OS'
- Conférence: 'AWS Cloud Security Week 2020'
2 - Cloud and Security News Watch (over 80 links)
- Must read
- French Highest Court States over the 'Health Data Hub' Case
- MESA: Modern Enterprise Security Architecture (Sumo Logic)
- Attacks, Incidents, Leaks, Threats, Vulnerabilities, Outages
- Attacks: Office 365 credential-harvesting campaign (Cyjax and GreatHorn) • Grosth of DDoS volumes (Google Cloud)
- Leaks: Unsecured AWS S3 Buckets
- Vulnerabilities: Issues with APIs AWS
- Outages: Azure latest ones
- Best Practices, and Detection
- Best Practices: In case of M365 account compromise • Azure Security Benchmark v2
- Reports, Surveys, Studies, Publications
- Reports: '2020 Spotlight Report on Microsoft Office 365' (Vectra) • '2020 State of Virtual Appliance Security Report' (Orca Security) • 'The State of the Public Cloud in the Enterprise' (Contino)
- Surveys: '2020 Global CIO Report' (Dynatrace)
- Cloud Services Providers, Solutions, and Tools
- AWS: IAM Access Analyzer • AWS Firewall Manager
- Azure: Compliance • Conditional Access • Azure VMs
- GCP: IAM • Static outbound IP address
- Kubernetes: Securing Kubernetes Clusters • Misconfigurations
- Containers: Security Enforcement
- Workloads: Security Enforcement
- Outils: O365Enum
- Podcasts, Weekly 'Cloud and Security' Watch
- Podcasts: 'Cloud Security' • 'SilverLining' • 'Thousand Eyes' • Isolation par le Cloud (projet du DoD)
- Newsletters: TL;DR Security #56 • The Cloud Security Reading List #59
- Market, Acquisitions
- Acquisition: Managed Sentinel by BlueVoyant
- Miscellaneous
- Health Data Hub • European 'industrial cloud' • SASE and TLS (Netskope)
3 - Agenda
- October 19th/23rd → Europe Cloud Summit
- October 20th/22nd → CSA: Cloud Security Alliance APAC Virtual Summit
- October 26th/29th → AWS: AWS Cloud Security Week 2020
- November 3rd/5th → CSA: EMEA Summit
- November 23rd/25th → CCSK / CCSK Plus training in French
4 - Link
________________________________________
________________________________________
#Veille #Watch________________________________________
------------------------------
Olivier Caleff - CSA French Chapter - Chapter Leader -
[email protected] -
https://CloudSecurityAlliance.fr------------------------------