A compilation of stories written about AWS by Teri Radichel
There’s over 100 posts in this series which walks through implementing a secure AWS architecture with governance and not done…not going to repeat all these here so check out the links in the following post.
Automating Cybersecurity Metrics (ACM)
Temporary access to log into an AWS VM using an AWS IOT Button
IoT Security ~ AWS 1-Click Buttons
What is interesting about this particular post is that after publishing it, Azure implemented something called Just In Time access (JIT) on Azure with Privileged Access Management (PIM). You get limited access to a VM on Azure and when your time is up, access is shut off. Organizations can require people to request access prior to using it. Now this service is available in Azure for AWS EC2 instances (in preview at the time of this writing).
Why one of your favorite pentesting techniques doesn’t work on AWS
I was surprised just how popular this post has been over time. It was interesting to attend a presentation shortly after posting this at an event put on by an organization I work with. A copy of the diagram in this post was practically copied and put into the deck by the author. A different person was giving the talk with the slides and was surprised to see the slide and couldn’t explain it :-D. Please provide references and give credit when you lift other people’s content.
Why one of your favorite pen testing techniques doesn’t work on AWS
Amazon DocumentDB Network Access — Why the VPC?
I am continuously trying to explain network security to developers. I often feel like I haven’t done a good enough job because the topic keeps coming up but I’ll keep trying. This is one of those posts.
Amazon DocumentDB Network Access — Why the VPC?
Keys to AWS Success
Also you might be interested in this summary of Keys to AWS Success from Andy Jassy in a prior AWS re:Invent keynote.
SSH to an AWS EC2 Instance with a Chromebook
My nephew was helping me test my AWS security classes and had a Chromebook. He’s one of the least interested in school and technology in my family and didn’t even last very long after I wrote this post — but ironically is one of my post popular blog posts. (Though not into school or tech he is actually very good at math and just did an amazing job of adding brick pavers to our back yard. Everyone has their own “thing.”)
SSH to an AWS EC2 Instance with a Chromebook
Easier CloudFormation
Many people struggle with CloudFormation. I think that is in part due to the way it is presented. Hopefully this post makes it easier to get started.
My History of DevSecOps
The first time I heard DevSecOps was when presented by some AWS security gurus at AWS re:Invent. That was part of my journey to AWS security.
.NET AWS Lambda Function
When AWS introduced .NET for AWS Lambda, I took a look. Surprisingly this has also been a very popular post. There must be a lot of people trying out .NET with AWS Lambda!
Zooma! Zoom! Zoom!
I tried running Zoom on an AWS Workspace instance. It worked for a while but had some issues. I wish this work work on a standard EC2 instance because AWS Workspaces are a bit expensive.
Step by step approach to installing Zoom on Amazon Workspaces
The problem I hit was that the driver started failing after initially working. I haven’t got back to testing this further. I am also concerned about the security implications of installing this driver. I installed it on a machine specifically used for communications on a locked down network. I wish AWS would build a solution for this. (If they haven’t yet.)
Cross account AWS IAM roles with external IDs and MFA
I use MFA when performing AWS penetration tests. It works with AWS IAM but not AWS SSO. This post explains how to MFA with the AWS CLI and an external ID. In my first link in this post I have posts on the related security threat that an external ID helps protect against — the confused deputy attack.
Cross account AWS IAM roles with external IDs and MFA
Install Go on AWS EC2
Based on my stats, a lot of people are interested in usign golang on AWS.
I wrote about the security benefits of Go here:
Security Benefits of Golang Concurrency
Real World Cloud Compromise
I gave a presentation for AWS Women in Tech on AWS application vulnerabilities found on penetration tests.
Serverless Security
In this presentation at RSA 2020 I talked about security services environments and a few issues I found on AWS penetration tests.
https://medium.com/media/88fb1a65171b2fe62fcac4d6702fc9f2/href
Red Team vs. Blue Team on AWS
In this presentation, Kolby Allen and I talk about attacks and defenses on AWS.
https://medium.com/media/6a109d02c89b05d9f72fc2caa3314e7a/href
Security & Machine Learning
In these posts I explore security and machine learning, and I tried an Amazon DeepRacer.
Security & Machine Learning — Part 1
AWS IAM Role Profiles with Boto3
In this post I explain how to use AWS IAM Roles with Boto3.
AWS IAM Role Profiles with Boto3
Mapping Attack Paths
This post talks about tools I use on AWS penetration tests to map out network attack paths.
AWS 2020 re:Invent Announcements
AWS re:Invent 2020 Announcements
AWS Resources used in the Solar Winds Breach
This post explains how AWS resources were used in the Solar Winds Breach.
SolarWinds Hack: Retrospective
Hackers as Cloud Customers
Explained how attackers used AWS and Azure in the Solar Winds Breach.
What’s in Your Cloud?
My most popular post (sadly) on the Capital One Breach.
Amazon declined to testify at congressional hearing on SolarWinds hack
A post on click bait reporting.
Amazon declined to testify at congressional hearing on SolarWinds hack
On Becoming an AWS Hero
Container Escape in AWS HotPatch
Container Escape Vulnerability in AWS Hot Patch
Follow for updates.
Teri Radichel
If you liked this story please clap and follow:
******************************************************************
Medium: Teri Radichel or Email List: Teri Radichel
Twitter: @teriradichel or @2ndSightLab
Requests services via LinkedIn: Teri Radichel or IANS Research
******************************************************************
© 2nd Sight Lab 2022
____________________________________________
Author:
Cybersecurity for Executives in the Age of Cloud on Amazon
Need Cloud Security Training? 2nd Sight Lab Cloud Security Training
Is your cloud secure? Hire 2nd Sight Lab for a penetration test or security assessment.
Have a Cybersecurity or Cloud Security Question? Ask Teri Radichel by scheduling a call with IANS Research.
Cybersecurity & Cloud Security Resources by Teri Radichel: Cybersecurity and Cloud security classes, articles, white papers, presentations, and podcasts
AWS Security was originally published in Cloud Security on Medium, where people are continuing the conversation by highlighting and responding to this story.