21 Senior Cloud Security Lessons From 21 Days of Advent of Cloud Security - Last 2024 Email! 🤩

Advent of Cloud Security by Cloud- 24 Days of FREE Cloud Security from Movers and Shakers of Cloud Security Community!

Hello from the Cloud-verse & Thank you for a great 2024!

This week’s Cloud Security Newsletter topic is Advent of Cloud Security 2024 - DevSecOps, HoneyTraps, Container Security, Starting on Security Research & a lot more in AWS, Azure & GCP!

I also wanted to say thank you for all your support, especially to the newer folks over here and the existing ones who have continued to support us in 2024. This is also the last email for 2024. We hope you get a chance to watch the collection of training in AWS, Azure and GCP from some well-known experts, which is FREE especially for you as part of the Advent of Cloud Security, especially if you are curious about how security on other clouds is misused. 🙂

In case this is your 1st Cloud Security Newsletter, you are in good company!
You are reading this issue along with your friends and colleagues from companies like Netflix, Citi, JP Morgan, LinkedIn, Reddit, GitHub, GitLab, CapitalOne, Robinhood, HSBC, British Airways, Airbnb, Block, Booking Inc & more who subscribe to this newsletter and who, like you, want to learn what’s new with Cloud Security each week from their industry peers, like the many others who listen to Cloud Security Podcast & AI CyberSecurity Podcast every week.

Cloud Security Topic of the Week 

NOTE - There are a lot of resources, so the email may be cut off in some browsers/email clients. Please use the website to read this entire issue. This is also on our Advent of Cloud Security website.

The Advent of Cloud Security 2024 so far - Senior Cloud Security Experts sharing their Hot Topics in AWS, Azure, Kubernetes & GCP!

Welcome to this week's edition of the Cloud Security Newsletter!

This week marks the final week of Advent of Cloud Security, a Cloud Security Podcast initiative.

🌟 What is Advent of Cloud Security?

Advent of Cloud Security is for all levels, and for 24 Days of December 2024 we are bringing the Movers and Shakers of Cloud Security to share their AWS, Azure, GCP & Kubernetes knowledge so you can learn from some of the BEST!

Day 1

πŸ‘‰πŸΎ The Complete Senior Cloud Security Engineer Roadmap:

πŸ‘‰πŸΎ Snippet from Day 1 - The RoadMap for a Senior Cloud Security Role in 2025
- 8 Cloud Security Areas common to Senior Cloud Security Engineers
- How to appear Senior infront of your Manager even before the promotion
- How to Add new Cloud Security Skills to your existing CyberSecurity & Cloud skills.

Day 2

πŸ‘‰πŸΎ Top 3 Cloud Security Projects That Give you an unFAIR Advantage:

πŸ‘‰πŸΎ Snippet from Day 2 - 3 Cloud Security Projects for a Senior Cloud Security Role You can Copy
- 3 Cloud Security Project Examples common for Senior Cloud Security Engineer roles
- 3 side projects to to build Skillsets for a Senior role
- How to learn from other Senior Cloud Security folks for new CyberSecurity & Cloud skills.

This week's Issue is supported by Cloud Security Bootcamp

If you are looking to upskill your AWS Cloud Security or Kubernetes on AWS Cloud knowledge, you might want to check out the AWS Security Masterclass from Cloud Security Bootcamp.

Sign up today for the upcoming AWS Security & Kubernetes Security December 2024 MasterClass and learn what Cloud Security Engineers and Architects do for work during the MasterClass, with labs and a walkthrough of the AWS services used to build applications in the cloud.

Day 3

πŸ‘‰πŸΎ How to LEAVE Honey Traps (Canary Tokens) inAWS Account to TRAP Bad Actors:

πŸ‘‰πŸΎ Snippet from Day 3 - Building HoneyTraps in AWS Cloud
- Setting up HoneyTraps in S3 & DynamoDB with fake data
- Response for Defenders when an attacker triggers a HoneyTrap
- Defending AWS Accounts with Honey Traps

Day 4

πŸ‘‰πŸΎ Building a Cloud Native DevSecOps Pipeline using Terraform in AWS Cloud:

πŸ‘‰πŸΎ Snippet from Day 4 Building a Cloud Native DevSecOps Pipeline using Terraform in AWS Cloud
- Refresh of What DevSecOps is in 2024
- Walkthrough of Terraform templates required for
- Deploy a Container App in EKS using CodeBuild & CodePipeline
- Scanning Container Image, SCA using Open Source
- Integrating Security in a Cloud Native Pipeline on AWS

Day 5-8

πŸ‘‰πŸΎ 4 Part Amazon EKS Security Workshop (0-Hero in Amazon EKS Security):

πŸ‘‰πŸΎ Snippet from Day 5
- Refresh of Container Security,
- Setup of Amazon EKS Lab Infra For EKS Goat
- Lab: Deploying a Vulnerable AWS EKS Infra
- Theory: Overview of Docker from a Security Perspective
- Lab: Secret Exfiltration with Dive
- Lab: Docker Security Scans

πŸ‘‰πŸΎ Snippet from Day 6
- Theory: Basic of AWS ECR
- Lab: Automated Scanning in AWS ECR
- Introduction to AWS EKS
- Theory: Kubernetes Architecture Overview
- Theory: AWS EKS Terminologies
- Theory: EKS Authentication & Authorization

πŸ‘‰πŸΎ Snippet from Day 7
- Roadmap for Senior Cloud Security Engineer
- 3 Cloud Security Projects to Copy from Senior Cloud Security Engineers
- DevSecOps pipeline with EKS
- Setting up an EKS Lab for testing attack & Defence)

πŸ‘‰πŸΎ Snippet from Day 8
- Refresh of Container Security,
- Setup of Amazon EKS Lab Infra For EKS Goat
- Lab: Deploying a Vulnerable AWS EKS Infra
- Theory: Overview of Docker from a Security Perspective
- Lab: Secret Exfiltration with Dive
- Lab: Docker Security Scans

Day 9-10

πŸ‘‰πŸΎ Analyzing and Responding to Incidents in AWS Cloud (RECIPE Framework):

πŸ‘‰πŸΎ Snippet from Day 9 & Day 10 Analyzing and Responding to Incidents in AWS Cloud
- The RECIPE Framework to prioritize and respond to incidents in Cloud
- Example walkthrough of using RECIPE

Day 11

πŸ‘‰πŸΎ SOC Metrics That CAN REDUCE Your INCIDENT RESPONSE TIME:

πŸ‘‰πŸΎ Snippet from Day 11 
- 5 SOC Metrics - What they are?
- Why do these Metrics Matter for Responding better and quicker in SOC

Day 12 & 13 - Start of the Azure Training

πŸ‘‰πŸΎ BlindSides of Conditional Access in Microsoft Azure for EntraID - Access Tokens & Entra Tokens:

πŸ‘‰πŸΎ Snippet from Day 12 & Day 13
-Difference between EntraID, Access Token and how Resources are protected
- Example walkthrough of retaining Access Token

Day 14

πŸ‘‰πŸΎ Azure Security Assessments Using Resource Graph Explorer:

πŸ‘‰πŸΎ Snippet from Day 14
- Setup of KQL Demo to use as the resource for security assessment
- Walkthrough of KQL queries to understand and filter out the potentially misconfigured Azure resources e.g public facing VMs.

Day 15

πŸ‘‰πŸΎ Privilege Escalation with Azure Policies:

πŸ‘‰πŸΎ Snippet from Day 15
- What is Azure Policy & why is it used by many Microsoft Azure users?
- How does "Effect" in Azure Policy be used for privilege escalation and opening back doors in VMs etc

Day 16

πŸ‘‰πŸΎ Extending Azure Access Token Session time for Azure Recon with SPA:

πŸ‘‰πŸΎ Snippet from Day 16
- The current limitation in Azure Access Tokens for extended enumeration of resources
- Using ROADtools and "Origin" header for SPA to extend Access Token life

Day 17

πŸ‘‰πŸΎ How to Read Google Cloud Audit Logs as a Security Pro:

πŸ‘‰πŸΎ Snippet from Day 17
- Types of Logs for Security Experts in Google Cloud
-  How to Answer Key Questions Using Logs
-- Identify Impacted Resources:
-- Handle Long Operations:
-- Trace Original Invokers in Impersonation Scenarios

Day 18

πŸ‘‰πŸΎ Setting Proxy in GCloud for Google Cloud Research:

πŸ‘‰πŸΎ Snippet from Day 18
- What is GCloud
- How to setup Proxy GCloud for Google Cloud Research

Day 19-21

πŸ‘‰πŸΎ Google Cloud Security Workshop (3 Parts): (0-Hero in Google GKE & Google Cloud Security)

πŸ‘‰πŸΎ Snippet from Day 19
- Set up of GCloud
- Intro to the GCP CTF Workshop (Github)
- Workshop Setup & Verifying Setup of GKE Cluster Setup

πŸ‘‰πŸΎ Snippet from Day 20
- Verify the GCP Workshop Challenge Setup is completed
- Challenge 1 of GCP Workshop (Misconfigured GKE Cluster)
- Challenge 2 of GCP Workshop (Misconfigured Service Account)

πŸ‘‰πŸΎ Snippet from Day 21
- Challenge 3 of GCP Workshop (Misconfigured IaC)
- Challenge 4 of GCP Workshop (Service Account Privilege Escalation)

What’s Next Week?

Next week is Christmas Week so there wouldn’t be another email. The next email will be in the week of January 6, 2025.

🔗 Thank You! 🙏 🎉

We wanted to thank you for all your support with Cloud Security Newsletter and the work we do here and also at Cloud Security Podcast, Cloud Security Bootcamp and AI Cybersecurity Podcast.

See you in 2025! 🥰

We would love to hear from you 📢 for a feature or topic request or if you would like to sponsor an edition of Cloud Security Newsletter.

Thank you for continuing to subscribe, and welcome to the new members in this newsletter community 💙

Peace!
