• VayFul®
  • Posts
  • CloudSec Wednesday: State of Cloud Security, Kubernetes, Container Security, Threat Modeling, CloudTrail as a Data Exfiltration

CloudSec Wednesday: State of Cloud Security, Kubernetes, Container Security, Threat Modeling, CloudTrail as a Data Exfiltration

Cybersecurity — For Security Professionals

Hey! James here.

Today’s edition covers Cloud Security, Container Security and DevSecOps Practices:

  • 📝 State of Cloud Security, Securing 4 C's of Software Product, Turning AWS Documentation into Gold: AI-Assisted Security Research!

  • 🔥 NodeJs version Audit Tool,CloudTrail as a mechanism for Data Exfiltration, Palo Alto Expedition: From N-Day to Full Compromise!

  • 🧠 NeuVector container security platform Integration into AWS CodePipeline CI/CD workflow, Using threat modeling to create a robust DevSecOps plan, Automate k8 security solution!

  • And more…

First time reading? Sign up here.

📰 Top Security News

  • Cisco Confirms Security Incident After Hacker Offers to Sell Data (Securityweek)

  • Breaching the Data Perimeter: CloudTrail as a mechanism for Data 

    Exfiltration (Cybernews)

  • Palo Alto Expedition: From N-Day to Full Compromise(Horizon3)

📝 Best Of Blogs

🧠 Learning Resources

  • NeuVector container security platform Integration into AWS CodePipeline CI/CD workflow (OpenSUSE Conf)

  • Using threat modeling to create a robust DevSecOps plan (Threat Modeling Connect)

  • Automate k8 security solution (CastAI)

🛠️ Tools

  • Docker-isolator: Docker service isolatation demos. (GitHub)

  • Lambda Watchdog: Your CVE’s dashboard for AWS Lambda. (Watchdog)

  • Node-version-audit: Audit your Node version for known CVEs and patches. (GitHub)

⚡️ Misc

  • Breaching the Data Perimeter: CloudTrail as a mechanism for Data Exfiltration (Tracebit)

  • Okta’s Mission to Standardize Identity Security (Okta)

🎯 Favorite Quote

“The purpose of our lives is to be happy.”
- Dalai Lama

💡 ABOUT VAYFUL®

Vayful® is a cybersecurity newsletter that curates the best cybersecurity news, research, tools, blogs, talks, tutorials, and learning resources — specially handpicked for security professionals. The content is curated with love by security professionals.

Enjoyed this newsletter? Friends don’t keep good things to themselves - forward this to your friends and have them sign up here!

Did someone forward this email to you? Become a subscriber!

Have feedback or questions? Just hit reply and let us know.