This issue is sponsored by Invary. Check out Invary's ability to detect hidden rootkits, a task that modern threat detection solutions fail in action » HERE. Note: The author donates proceeds from the newsletter sponsorship.
This week TLDR i.e. 1 minutes version (For executives):
AWS Support launches Security Improvement Program for Enterprise On-Ramp customers.
CodePipeline supports GitLab self-managed.
Trending in Cloud & Cyber Security (News, Blogs, Tweets etc):
AWS Security Blogs & Bulletins:
Google Chrome new safety check features, including alerts if it detects compromised passwords or harmful extensions. Link.
Blog by Scott Piper - ‘Setting secure defaults on AWS and avoiding misconfigurations"‘. Link.
Blog- 5 Cybersecurity Predictions for 2023 by Frank Wang. Link.
CDK Goat - Vulnerable AWS CDK Infrastructure by Avishay Bar. Github Link.
Wired- The worst hacks of 2023. Link.
This week Long i.e. 5 minutes version (For architects & engineers):
AWS announced Security Improvement Program (SIP) for Enterprise On-Ramp (EOP) customers which measures your AWS environment against 90+ critical security best practices and provides tactical level improvement recommendations to improve your security posture. Link.
You are now able to leverage projects from your GitLab self-managed instance (including GitLab Enterprise Edition and GitLab Community Edition) for the purposes of building, testing, and deploying code changes through AWS CodePipeline. By establishing a connection between your GitLab self-managed instance, located within a VPC or accessible directly, using AWS CodeStar Connections, you can seamlessly integrate it into your pipeline. This integration allows for the automatic initiation of pipeline executions in response to changes within your repository. Link.
Thank You for reading! If you enjoyed this newsletter, I’d be grateful if you could forward it to your professional circle.
Thanks for reading AWS Cloud Security Weekly! Subscribe for free to receive new posts and support my work.