Episode 481
Computers Checking Compliance Boxes
Last week in security news: Circle CI security alert, another Azure vulnerability, Amazon S3 Encrypts New Objects By Default, new tools. and more!
January 12, 20235m 32s
Audio is streamed directly from the publisher (dts.podtrac.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
This episode is sponsored in part by the Google for Startups Cloud Program
Links:
- CircleCI came out with a security alert urging you to rotate any secrets stored in CircleCI.
- Another bite at the craptastic LastPass breach response, this article parses their weak-sauce PR statement
- Over the holidays Slack had some private GitHub code repositories stolen.
- ACSESSED is another Azure vulnerability
- Amazon S3 Encrypts New Objects By Default
- Updated whitepaper available: AWS Security Incident Response Guide
- iamfast analyzes your application code to generate a least-privilege IAM policy.
- Wiz has come up with and open sourced PEACH, a tenant isolation framework for cloud applications.
Topics
cloudawsamazondevopslast week in aws984841