- Cloud Security Newsletter
- Posts
- 21 Senior Cloud Security Lessons From 21 Days of Advent of Cloud Security - Last 2024 Email! π€©
21 Senior Cloud Security Lessons From 21 Days of Advent of Cloud Security - Last 2024 Email! π€©
Advent of Cloud Security by Cloud- 24 Days of FREE Cloud Security from Movers and Shakers of Cloud Security Community!
Hello from the Cloud-verse & Thank you for a great 2024!
This weekβs Cloud Security Newsletter Topic is Advent of Cloud Security 2024 - DevSecOps, HoneyTraps, Container Security, Starting on Security Research & lot more in AWS, Azure & GCP ! (continue reading)
I also wanted to say Thank you for all your support, especially to the newer folks over here and existing ones who have continued to support us in 2024. This is also the Last email for 2024. We hope the collection of training in AWS, Azure, GCP from some well known Experts in this for FREE especially for you as part of the Advent of Cloud Security. Hope you get a chance to watch them especially if you are curious about how security on other clouds is mis-used. π
Incase, this is your 1st Cloud Security Newsletter! You are in good company!
You are reading this issue along with your friends and colleagues from companies like Netflix, Citi, JP Morgan, Linkedin, Reddit, Github, Gitlab, CapitalOne, Robinhood, HSBC, British Airways, Airbnb, Block, Booking Inc & more who subscribe to this newsletter, who like you want to learn whatβs new with Cloud Security each week from their industry peers like many others who listen to Cloud Security Podcast & AI CyberSecurity Podcast every week.
Cloud Security Topic of the Week
NOTE - There are lot of resources so the email may cut off in some browsers/email client. Please use the website to read this entire issue. This is also on our Advent of Cloud Security website.
The Advent of Cloud Security 2024 so far - Senior Cloud Security Experts sharing their Hot Topics in AWS, Azure, Kubernetes & GCP!
Welcome to this week's edition of the Cloud Security Newsletter!
This week, marks the final week of Advent of Cloud Security a Cloud Security Podcast initiative.
π What is Advent of Cloud Security?
Advent of Cloud Security is for all levels and for 24 Days of December,2024 we are bringing the Movers and Shakers of Cloud Security to share their AWS, Azure, GCP & Kubernetes knowledge so you can learn from some of the BEST!
Featured Experts This Week
Day 1
ππΎ The Complete Senior Cloud Security Engineer Roadmap:
ππΎ Snippet from Day 1 - The RoadMap for a Senior Cloud Security Role in 2025
- 8 Cloud Security Areas common to Senior Cloud Security Engineers
- How to appear Senior infront of your Manager even before the promotion
- How to Add new Cloud Security Skills to your existing CyberSecurity & Cloud skills.
Day 2
ππΎ Top 3 Cloud Security Projects That Give you an unFAIR Advantage:
ππΎ Snippet from Day 2 - 3 Cloud Security Projects for a Senior Cloud Security Role You can Copy
- 3 Cloud Security Project Examples common for Senior Cloud Security Engineer roles
- 3 side projects to to build Skillsets for a Senior role
- How to learn from other Senior Cloud Security folks for new CyberSecurity & Cloud skills.
This week's Issue is supported by Cloud Security Bootcamp
If you are looking to upskill your AWS Cloud Security or Kubernetes on AWS Cloud knowledge, you might want to check out the AWS Security Masterclass from Cloud Security Bootcamp.
Sign up today for upcoming AWS Security & Kubernetes Security December 2024 MasterClass and learn what Cloud Security Engineers and Architect do for work during the MasterClass with Labs,Walkthrough of the AWS Services used to build Applications in Cloud.
Day 3
ππΎ How to LEAVE Honey Traps (Canary Tokens) inAWS Account to TRAP Bad Actors:
ππΎ Snippet from Day 3 - Building HoneyTraps in AWS Cloud
- Setting up HoneyTraps in S3 & DynamoDB with fake data
- Response for Defenders when an attacker triggers a HoneyTrap
- Defending AWS Accounts with Honey Traps
Day 4
ππΎ Building a Cloud Native DevSecOps Pipeline using Terraform in AWS Cloud:
ππΎ Snippet from Day 4 Building a Cloud Native DevSecOps Pipeline using Terraform in AWS Cloud
- Refresh of What DevSecOps is in 2024
- Walkthrough of Terraform templates required for
- Deploy a Container App in EKS using CodeBuild & CodePipeline
- Scanning Container Image, SCA using Open Source
- Integrating Security in a Cloud Native Pipeline on AWS
Day 5-8
ππΎ 4 Part Amazon EKS Security Workshop (0-Hero in Amazon EKS Security):
ππΎ Snippet from Day 5
- Refresh of Container Security,
- Setup of Amazon EKS Lab Infra For EKS Goat
- Lab: Deploying a Vulnerable AWS EKS Infra
- Theory: Overview of Docker from a Security Perspective
- Lab: Secret Exfiltration with Dive
- Lab: Docker Security Scans
ππΎ Snippet from Day 6
- Theory: Basic of AWS ECR
- Lab: Automated Scanning in AWS ECR
- Introduction to AWS EKS
- Theory: Kubernetes Architecture Overview
- Theory: AWS EKS Terminologies
- Theory: EKS Authentication & Authorization
ππΎ Snippet from Day 7
- Roadmap for Senior Cloud Security Engineer
- 3 Cloud Security Projects to Copy from Senior Cloud Security Engineers
- DevSecOps pipeline with EKS
- Setting up an EKS Lab for testing attack & Defence)
ππΎ Snippet from Day 8
- Refresh of Container Security,
- Setup of Amazon EKS Lab Infra For EKS Goat
- Lab: Deploying a Vulnerable AWS EKS Infra
- Theory: Overview of Docker from a Security Perspective
- Lab: Secret Exfiltration with Dive
- Lab: Docker Security Scans
Day 9-10
ππΎ Analyzing and Responding to Incidents in AWS Cloud (RECIPE Framework):
ππΎ Snippet from Day 9 & Day 10 Analyzing and Responding to Incidents in AWS Cloud
- The RECIPE Framework to prioritize and respond to incidents in Cloud
- Example walkthrough of using RECIPE
Day 11
ππΎ SOC Metrics That CAN REDUCE Your INCIDENT RESPONSE TIME:
ππΎ Snippet from Day 11
- 5 SOC Metrics - What they are?
- Why do these Metrics Matter for Responding better and quicker in SOC
Day 12 & 13 - Start of the Azure Training
ππΎ BlindSides of Conditional Access in Microsoft Azure for EntraID - Access Tokens & Entra Tokens:
ππΎ Snippet from Day 12 & Day 13
-Difference between EntraID, Access Token and how Resources are protected
- Example walkthrough of retaining Access Token
Day 14
ππΎ Azure Security Assessments Using Resource Graph Explorer:
ππΎ Snippet from Day 14
- Setup of KQL Demo to use as the resource for security assessment
- Walkthrough of KQL queries to understand and filter out the potentially misconfigured Azure resources e.g public facing VMs.
Day 15
ππΎ Privilege Escalation with Azure Policies:
ππΎ Snippet from Day 15
- What is Azure Policy & why is it used by many Microsoft Azure users?
- How does "Effect" in Azure Policy be used for privilege escalation and opening back doors in VMs etc
Day 16
ππΎ Extending Azure Access Token Session time for Azure Recon with SPA:
ππΎ Snippet from Day 16
- The current limitation in Azure Access Tokens for extended enumeration of resources
- Using ROADtools and "Origin" header for SPA to extend Access Token life
Day 17
ππΎ How to Read Google Cloud Audit Logs as a Security Pro:
ππΎ Snippet from Day 17
- Types of Logs for Security Experts in Google Cloud
- How to Answer Key Questions Using Logs
-- Identify Impacted Resources:
-- Handle Long Operations:
-- Trace Original Invokers in Impersonation Scenarios
Day 18
ππΎ Setting Proxy in GCloud for Google Cloud Research:
ππΎ Snippet from Day 18
- What is GCloud
- How to setup Proxy GCloud for Google Cloud Research
Day 19-21
ππΎ Google Cloud Security Workshop (3 Parts): (0-Hero in Google GKE & Google Cloud Security)
ππΎ Snippet from Day 19
- Set up of GCloud
- Intro to the GCP CTF Workshop (Github)
- Workshop Setup & Verifying Setup of GKE Cluster Setup
ππΎ Snippet from Day 20
- Verify the GCP Workshop Challenge Setup is completed
- Challenge 1 of GCP Workshop (Misconfigured GKE Cluster)
- Challenge 2 of GCP Workshop (Misconfigured Service Account)
ππΎ Snippet from Day 21
- Challenge 3 of GCP Workshop (Misconfigured IaC)
- Challenge 4 of GCP Workshop (Service Account Privilege Escalation)
Whatβs Next Week?
Next week is Christmas Week so there wouldnβt be another email. The next email will be in the week of January 6, 2025.
π Thank You! π π
We wanted to thank you for all your support with Cloud Security Newsletter and the work we do here and also at Cloud Security Podcast, Cloud Security Bootcamp and AI Cybersecurity Podcast.
See you in 2025! π₯°
We would love to hear from youπ’ for a feature or topic request or if you would like to sponsor an edition of Cloud Security Newsletter.
Thank you for continuing to subscribe and Welcome to the new members in tis newsletter communityπ
Peace!
Was this forwarded to you? You can Sign up here, to join our growing readership.
Want to sponsor the next newsletter edition! Lets make it happen
Have you joined our FREE Monthly Cloud Security Bootcamp yet?
checkout our sister podcast AI Cybersecurity Podcast