Mastodawn

Now on Crucial Exams: AWS Certified Security Specialty (SCS-C03) - 250 practice questions and 220 flashcards to help you pass. Start studying: https://crucialexams.com/s/hjqNttCN #AWSSecurity

theOmegabit Dec 19

Some new monitor ideas for detections #awssecurity

https://medium.com/@adan.alvarez/phishing-for-aws-credentials-via-the-new-aws-login-flow-39f6969b4eae

theOmegabit Dec 18

Ok this is pretty cool.

#awssecurity #aws https://securitylabs.datadoghq.com/articles/introducing-pathfinding.cloud/

Introducing Pathfinding.cloud | Datadog Security Labs

Introducing Pathfinding.cloud, a library of AWS IAM privilege escalation paths

theOmegabit Dec 15

Behind the curtain - AWS Lambda Managed Instances: A Security Overview #awssecurity #cloudsecurity

https://www.offensai.com/blog/aws-lambda-managed-instances-security-overview

AWS Lambda Managed Instances: A Security Overview

An initial security overview of AWS Lambda Managed Instances, exploring the Bottlerocket-based architecture, the 'Elevator' components, and security insights for this new compute model.

OFFENSAI

theOmegabit Dec 2

Nice

Extended threat detection for EC2 and ECS

https://aws.amazon.com/blogs/aws/amazon-guardduty-adds-extended-threat-detection-for-amazon-ec2-and-amazon-ecs/

AWS real-time risk prioritization (was preview now GA)

https://aws.amazon.com/blogs/aws/aws-security-hub-now-generally-available-with-near-real-time-analytics-and-risk-prioritization/

AWS Security Agent (for appsec/dev)

https://aws.amazon.com/blogs/aws/new-aws-security-agent-secures-applications-proactively-from-design-to-deployment-preview/

#awssecurity #aws #AWSreInvent

Amazon GuardDuty adds Extended Threat Detection for Amazon EC2 and Amazon ECS | Amazon Web Services

Today, we’re announcing new enhancements to Amazon GuardDuty Extended Threat Detection with the addition of two attack sequence findings for Amazon Elastic Compute Cloud (Amazon EC2) instances and Amazon Elastic Container Service (Amazon ECS) tasks. These new findings build on the existing Extended Threat Detection capabilities, which already combine sequences involving AWS Identity and Access […]

Amazon Web Services

エミリーSEレクト Nov 3

AWS DevSecOps Training || Learn End-to-End CICD + Security Automation

https://www.emilyselect.com/aws-devsecops-training-learn-end-to-end-cicd-security-automation/?feed_id=2716&_unique_id=6908271f30dc4&Mastodon

#awscicdproject #awsdevsecopsproject #awssecurity #awstraining #cicdpipelinewithdevsecops #devopsandsecurity #devopsautomation #devopstraining #devsecopscertification #devsecopscicdpipeline #devsecopsengineer #devsecopsexplained #devsecopssecurityscan #devsecopstraining #devsecopstra...

The DefendOps Diaries Oct 8

Crimson Collective is using clever tricks on AWS—from sniffing out exposed keys to full-blown privilege escalation. Think your cloud’s safe? Discover how these tactics could put your data at risk and what you can do about it.

https://thedefendopsdiaries.com/crimson-collective-tactics-techniques-and-mitigation-strategies-for-aws-cloud-attacks/

#crimsoncollective
#awssecurity
#cloudattacks
#databreach
#cyberthreats