AWS Security Digest

@AwsSecDigest


📥 Stay Up-to-Date on the latest AWS Security News with our Weekly Digest.

Joined March 2022
@AwsSecDigest
AWS Security Digest
2 days
Plaid's Journey to Creating a Key Management System. By Shuaiwei Cui & Anirudh Veeraragavan. How does Plaid secure millions of sensitive financial transactions while maintaining developer agility? This deep dive into Plaid’s custom-built Key Management System (KMS) reveals the
@AwsSecDigest
AWS Security Digest
3 days
Datadog Threat Roundup: Top Insights for Q4 2024. By Matt Muir, Andy Giron, Adrian Korn, Greg Foss, and Oren Margalit. Datadog’s latest Q4 2024 Threat Roundup uncovers major shifts in cloud attack techniques, from new malware variants to evolving IAM abuse tactics. If you're
@AwsSecDigest
AWS Security Digest
4 days
Own (or PWN) the Org with CloudFormation StackSets. By Rich Mogull. CloudFormation StackSets offer organization-wide automation, but a single misconfiguration can hand over the keys to your entire AWS org. This deep dive explores how attackers can exploit StackSets for privilege
@AwsSecDigest
AWS Security Digest
5 days
How to Start Threat Modelling in AWS. By Ihor Sasovets. Threat modelling is essential for identifying and mitigating security risks in AWS, but where do you start? This guide walks through a structured approach to understanding, mapping, and securing your AWS environment before
@AwsSecDigest
AWS Security Digest
6 days
🛎️ AWS Security Digest 216 is out!
1️⃣ AWS Account ID Enumeration Through Root User MFA by Michael Magyar
2️⃣ Hijacking Amazon EventBridge for launching Cross-Account attacks by Ramesh Ramani
3️⃣ Sign in with your eID: Using AWS IAM Roles Anywhere with a SmartCard Reader by Ben.
@AwsSecDigest
AWS Security Digest
9 days
Understanding RCPs and SCPs in AWS: Choosing the Right Policy for Your Security Needs. By Jason Kao. AWS offers multiple layers of policy enforcement, but do you know when to use Resource Control Policies (RCPs) versus Service Control Policies (SCPs)? Choosing the right one can be
@AwsSecDigest
AWS Security Digest
10 days
Tracking Cloud-Fluent Threat Actors – Part Two: Behavioral Cloud IOCs. By Merav Bar & Gili Tikochinski. Sophisticated attackers leave behind behavioral indicators of compromise (IOCs) that traditional detection methods often miss. This article explores how to track cloud-fluent
@AwsSecDigest
AWS Security Digest
11 days
Unlock the secrets of bypassing honeypots in AWS with expert insights. By Tejas Zarekar. Discover advanced techniques and technical details to outsmart these security traps and ensure the integrity of your cloud infrastructure. Here’s what you’ll learn: 🛡️ Dive deep into the
@AwsSecDigest
AWS Security Digest
12 days
Introducing Policy Tester: A Test Harness for AWS IAM Policies. By David Kerber. Managing AWS IAM policies can be a nightmare, especially when it comes to verifying permissions and debugging access issues. Enter Policy Tester, a new test harness designed to simplify and automate
@AwsSecDigest
AWS Security Digest
13 days
🛎️ AWS Security Digest 215 is out!
1️⃣ Revoking access to IAM Roles Anywhere using open-source private CA by Paul Schwarzenberger
2️⃣ Getting Started with CloudTrail Security Queries by Rich Mogull
@AwsSecDigest
AWS Security Digest
16 days
ast Unauthenticated Role Scanning. By Ryan Gerstenkorn. Attackers love misconfigured IAM roles, and unauthenticated role scanning is one of the fastest ways to discover them. This article explores how AWS roles can be identified without authentication, revealing potential security
@AwsSecDigest
AWS Security Digest
17 days
VictoriaLogs: Creating Recording Rules with VMAlert. By Arseny Zinchenko (setevoy). Efficient log monitoring is critical for scaling observability, and VictoriaLogs offers a lightweight yet powerful solution. This guide walks through setting up recording rules with VMAlert,
@AwsSecDigest
AWS Security Digest
18 days
How to Create an AWS GovCloud (US) Account in Just Three Steps. By Cloud Security Pro. Setting up an AWS GovCloud (US) account is often seen as complex and time-consuming, but this guide breaks it down into three simple steps—getting you up and running without unnecessary
@AwsSecDigest
AWS Security Digest
19 days
Epic Cloud Security Automation: Fixing the Broken RCP. By Rich Mogull. Security automation in the cloud is supposed to make things easier, but Request for Change (RCP) processes often get in the way—causing delays, increasing risk, and frustrating teams. This article breaks down
@AwsSecDigest
AWS Security Digest
20 days
🛎️ AWS Security Digest 214 is out!
1️⃣ How to get rekt using AWS Neptune by @dagrz
2️⃣ Hey ARNold: A Guide to All the Amazon Resource Identifiers Formats in AWS by Jason Kao
3️⃣ Roles Here? Roles There? Roles Anywhere: Exploring the Security of AWS IAM Roles Anywhere by Itay.
@AwsSecDigest
AWS Security Digest
23 days
Securing Amazon Redshift – Best Practices for Access Control. By Kyle Escosia. Amazon Redshift is a powerful data warehouse, but misconfigured access controls can expose sensitive data. This article dives deep into how to secure Redshift clusters with best practices for
@AwsSecDigest
AWS Security Digest
24 days
Deep Dive: AWS Organization Policies (Part 1). By Naman Sogani. AWS Organizations provide a structured way to govern multiple AWS accounts, but understanding how Service Control Policies (SCPs), Tag Policies, and AI-driven validation work is crucial for securing your cloud
@AwsSecDigest
AWS Security Digest
25 days
Centralized Root Access in AWS: A Game-Changer for LandingZone Security. By Lucian Pătian. Managing root account access across multiple AWS accounts has long been a security headache, but AWS is now offering centralized control—a major shift for organizations using LandingZone.
@AwsSecDigest
AWS Security Digest
26 days
Avoiding Mistakes with AWS OIDC Integration Conditions. By Scott Piper. AWS OpenID Connect (OIDC) integration is a powerful tool for identity federation, but small misconfigurations can lead to major security gaps. This article explores common pitfalls in AWS OIDC integration
@AwsSecDigest
AWS Security Digest
30 days
Hat Trick: AWS Introduced the Same RCE Vulnerability Three Times in Four Years. By Giraffe Security. Amazon Web Services (AWS) has a strong security reputation, but even industry giants can repeat mistakes. This article dives into how the same remote code execution (RCE)