Weekly Cloud and Security Watch Newsletter - November 9th to 15th, 2020
________________________________________
Full newsletter with links ⇒ CloudSecurityAlliance.fr/go/KBF/
________________________________________
1 - CSA News and Updates - November 9th to 15th, 2020
- CCSK training in French: registration for the 23rd/25 session is still open
- Fill in the CSA survey on Cloud Adoption in 2020
- News: FIRST 2020 Conference, November 16th/18th
- Publication: 'Key Management when using Cloud Services'
- Blog: 'Seven Steps to defining the art of the possible in DevOps
- Blog: 'California Privacy Rights Act: What Are the Consequences for Cloud Users?'
- Blog: 'What is cloud security? How is it different from traditional on-premises network security?'
2 - Cloud and Security News Watch (over 110 links)
- Must read
- State of CSP's Encryption Services
- Kubernetes Maturity Model (Fairwinds)
- Strategies For Remote Collections of Cloud Data(Fairwinds)
- Attacks, Incidents, Leaks, Outages
- Attacks: Fake Microsoft Teams updates
- Leaks: Leaky AWS S3 Bucket Leads to Massive Data Leak
- Outages: Microsoft Outage Affects OneDrive Users
- Risks, Threats, Vulnerabilities
- Risks : Identification of Hidden Risks (World Economic Forum)
- Threats: Preventing Exposed Azure Blob Storage (SANS)
- Vulnerabilities: VoltPillager against Intel SGX Enclaves
- Best Practices, and Detection
- Reports, Surveys, Studies, Publications
- Reports: 'Kubernetes (K8s) Data Protection Report' (Zettaset) • '2020 Duo Trusted Access Report' (Duo Security) • 2020 update for 'Cloud-Native: The IaaS Adoption and Risk Report' (MacAfee)
- Cloud Services Providers, Solutions, and Tools
- AWS: AWS Nitro Enclaves • Lightsail Containers • Securing Amazon WorkSpaces • Integrating CloudEndure Disaster Recovery
- Azure: Long Term Retention of Azure Sentinel Logs • New DNS Features in Azure Firewall
- GCP: Ensuring High Availability • Anthos Developer Sandbox • Connecting to Google CE VMs
- OVH Cloud: Co-building Cloud Services with Google Cloud
- Kubernetes: Threat Vectors: Part 3 - Persistence (Alcide) • Maturity Model (Fairwinds)
- Tools: Leonidas (Attack Simulation) • OpenCSPM (CSPM)
- Conferences, Podcasts, Weekly 'Cloud and Security' Watch
- Podcasts: 'Open Source AWS Security' (Cloud Security Podcast) • 'Cloud Attack Vectors' (SilverLining)
- Newsletters: TL;DR Security #60 • The Cloud Security Reading List #63
- Market, Acquisitions
- Market: Encryption Services
- Acquisitions: CloudAlly by Zix • IDMSense by Ernst & Young
- Miscellaneous
- Framework Improving Efficiency in Disaster-Area Management
3 - Agenda
- November 16th/18th → 32nd FIRST Conference
- November 18th → Google Cloud Security Talks
- November 19th → MSSPs and Cloud Security Services: Who Are the Leaders? webcast
- November 23rd/25th → CCSK / CCSK Plus training in French
- November 30th to December 18th → AWS re:Invent 2020
4 - Link
________________________________________
________________________________________
#Watch________________________________________
------------------------------
Olivier Caleff - CSA French Chapter - Chapter Leader -
[email protected] -
https://CloudSecurityAlliance.fr------------------------------