The Inner Circle

Weekly Cloud and Security Watch Newsletter #90 - November 15th, 2020

  • 1.  Weekly Cloud and Security Watch Newsletter #90 - November 15th, 2020

    Posted 10 days ago
    Edited by Olivier Caleff 9 days ago

    Weekly Cloud and Security Watch Newsletter - November 9th to 15th, 2020

    ________________________________________
    Full newsletter with links ⇒ CloudSecurityAlliance.fr/go/KBF/
    ________________________________________

    1 - CSA News and Updates - November 9th to 15th, 2020

    • CCSK training in French: registration for the 23rd/25 session is still open
    • Fill in the CSA survey on Cloud Adoption in 2020
    • News: FIRST 2020 Conference, November 16th/18th
    • Publication: 'Key Management when using Cloud Services'
    • Blog: 'Seven Steps to defining the art of the possible in DevOps
    • Blog: 'California Privacy Rights Act: What Are the Consequences for Cloud Users?'
    • Blog: 'What is cloud security? How is it different from traditional on-premises network security?'

    2 - Cloud and Security News Watch (over 110 links)

    • Must read
      • State of CSP's Encryption Services
      • Kubernetes Maturity Model (Fairwinds)
      • Strategies For Remote Collections of Cloud Data(Fairwinds)
    • Attacks, Incidents, Leaks, Outages
      • Attacks: Fake Microsoft Teams updates
      • Leaks: Leaky AWS S3 Bucket Leads to Massive Data Leak
      • Outages: Microsoft Outage Affects OneDrive Users
    • Risks, Threats, Vulnerabilities
      • Risks : Identification of Hidden Risks (World Economic Forum)
      • Threats: Preventing Exposed Azure Blob Storage (SANS)
      • Vulnerabilities: VoltPillager against Intel SGX Enclaves
    • Best Practices, and Detection
    • Reports, Surveys, Studies, Publications
      • Reports: 'Kubernetes (K8s) Data Protection Report' (Zettaset) • '2020 Duo Trusted Access Report' (Duo Security) • 2020 update for 'Cloud-Native: The IaaS Adoption and Risk Report' (MacAfee)
    • Cloud Services Providers, Solutions, and Tools
      • AWS: AWS Nitro Enclaves • Lightsail Containers • Securing Amazon WorkSpaces • Integrating CloudEndure Disaster Recovery
      • Azure: Long Term Retention of Azure Sentinel Logs • New DNS Features in Azure Firewall
      • GCP: Ensuring High Availability • Anthos Developer Sandbox • Connecting to Google CE VMs
      • OVH Cloud: Co-building Cloud Services with Google Cloud
      • Kubernetes: Threat Vectors: Part 3 - Persistence (Alcide) • Maturity Model (Fairwinds)
      • Tools: Leonidas (Attack Simulation) • OpenCSPM (CSPM)
    • Conferences, Podcasts, Weekly 'Cloud and Security' Watch
      • Podcasts: 'Open Source AWS Security' (Cloud Security Podcast) • 'Cloud Attack Vectors' (SilverLining)
      • Newsletters: TL;DR Security #60 • The Cloud Security Reading List #63
    • Market, Acquisitions
      • Market: Encryption Services
      • Acquisitions: CloudAlly by Zix • IDMSense by Ernst & Young
    • Miscellaneous
      • Framework Improving Efficiency in Disaster-Area Management

    3 - Agenda

    • November 16th/18th → 32nd FIRST Conference
    • November 18th → Google Cloud Security Talks
    • November 19th → MSSPs and Cloud Security Services: Who Are the Leaders? webcast
    • November 23rd/25th → CCSK / CCSK Plus training in French
    • November 30th to December 18th → AWS re:Invent 2020

    4 - Link

    ________________________________________

    ________________________________________
    #Watch
    ________________________________________

    ------------------------------
    Olivier Caleff - CSA French Chapter - Chapter Leader - [email protected] - https://CloudSecurityAlliance.fr
    ------------------------------