Shihabudheen Thoni Kadavath on LinkedIn: Automatically disabling leaked service account keys: What you need to know… (2024)

Shihabudheen Thoni Kadavath

CISSP | CCSP| CCSK| Azure Security | Azure Solution Architect| GCP-PCA | VMware | ISO27001 LA | OT Security|CySA+|Splunk| IBM QRadar | ITIL |15+Years Experience | Cybersecurity,IT Infrastructure & Cloud Specialist

Service accounts in Google Cloud Platform (#GCP) play an important role in enabling secure, automated interactions between applications and Google Cloud platform services. They provide granular permissions, ensuring minimal access rights necessary for operations. However, if a service account key is exposed, such as through a public GitHub repository, it can lead to severe consequences including unauthorized access, data breaches, resource misuse, service disruptions, and reputational damage. Organizations must act swiftly to revoke compromised keys, audit activities, rotate keys, restrict permissions, and enhance key management practices. Using tools like Secret Manager and Workload Identity Federation further secures these interactions, while ongoing education and secure coding practices can prevent future leaks.

Google Cloud is boosting its security measures with new Identity and Access Management (IAM) defaults to enhance cloud security. Recognizing the risks of exposed service account keys, Google Cloud is improving its detection service to scan public repositories for leaked keys and notify customers. Starting June 16, 2024, any exposed service account keys found will be automatically disabled by default. Customers can opt into this enhanced protection now or choose to opt out if they prefer the current approach. This initiative, in collaboration with GitHub and GitLab, helps automatically secure compromised keys to protect cloud environments.

#cloudsecurity #cybersecurity #gcp #googlecloud #cloud #aws

Automatically disabling leaked service account keys: What you need to know | Google Cloud Blog cloud.google.com

More Relevant Posts

  • Shihabudheen Thoni Kadavath

    AWS has promised to take action after a software engineer demonstrated a malicious actor could run up a massive cloud bill for you if they know the name of your S3 bucket – just by hammering it with access requests.

    Even if your bucket is set to “private” or protected by Amazon CloudFront (a Content Distribution Network) such attacks can still work effectively. (A quick search of GitHub by a Datadog engineer showed the names of over 63,000 customer S3 buckets exposed in AWS’s US East region alone.)

    This happens because S3 charges for unauthorised requests even if you did not initiate them. Although AWS lets you toggle “requester pays” on, under a wide range of circumstances the bucket owner is still charged for requests – including if request authentication fails (HTTP code 403), the request is anonymous (HTTP code 403), or the request is a SOAP request.

    AWS has promised action over this “Denial of Wallet” risk.

    What is a Denial-of-Wallet attack?

    Denial-of-Wallet (DoW) exploits are similar to traditional denial-of-service (DoS) attacks in the sense that both are carried out with the intent to cause disruption. However, while DoS assaults aim to force a targeted service offline, DoW seeks to cause the victim financial loss.

    #cloudsecurity #cloud #aws #cybersecurity

    AWS promises action after "denial of wallet" demonstration thestack.technology

  • Shihabudheen Thoni Kadavath

    Glad to share that I've recently passed the Okta Certified Professional Hands-on Configuration Exam to become an Okta Certified Professional.

    Okta is a cloud-based platform that provides Identity and Access Management (IAM) solutions for businesses. Identity and Access Management (IAM) plays a pivotal role in cloud computing, particularly concerning security, efficiency, and compliance. IAM ensures that only authorized individuals or systems have access to resources and data within the cloud environment. With the increasing adoption of cloud services, effective IAM becomes crucial for maintaining data confidentiality, integrity, and availability.

    Okta stands out as a leading provider of IAM solutions, offering businesses a comprehensive platform to manage user access securely. By centralizing IAM processes, Okta simplifies user authentication and authorization across various cloud applications and services. With features like single sign-on (SSO) and multi-factor authentication (MFA), Okta enhances security measures, reducing the risk of unauthorized access and potential data breaches. Moreover, Okta's platform enables organizations to streamline user provisioning and deprovisioning, ensuring efficient management of user identities throughout their lifecycle.

    Thanks to Okta for the training and certification opportunity.

    #OktaCertified #IAM #cloudsecurity #cybersecurity #okta

    Okta Certified Professional was issued by Okta to Shihabudheen Thoni Kadavath. credly.com

  • Shihabudheen Thoni Kadavath

    I’m happy to share that I’ve obtained a new certification: Zscaler Digital Transformation Administrator from Zscaler.

    The Zscaler Digital Transformation Administrator certification is designed by Zscaler for security professionals, network engineers, security engineers, and security solutions architects to validate their understanding of deploying and implementing the Zscaler Zero Trust platform.

    #zerotrust Zero trust is a security strategy rejecting default trust in any entity—user, app, service, or device. It follows the principle of least-privileged access, establishing trust based on context and security posture before allowing any connection. Continuous reassessment occurs for every new connection, even if previously authenticated. Contemporary cloud environments make attractive targets for cybercriminals aiming to steal, destroy, or ransom business critical and sensitive data, such as personally identifiable information (PII), intellectual property (IP), and financial information. In cloud environments, cyber threats targeting critical data necessitate effective security.

    While no security strategy is perfect, zero trust is among today's most effective strategies as it:

      • Reduces Attack Surface: Minimizes the risk of data breaches.
      • Granular Access Control: Provides precise control in cloud and container environments.
      • Mitigates Impact of Attacks: Limits damage, reducing cleanup time and cost.
      • Supports Compliance: Enhances overall cybersecurity posture, crucial for compliance.

    Adopting a zero-trust approach is crucial in safeguarding against evolving cyber threats in the #cloud.

    "Thanks to Eric Nute CISSP and Zscaler Academy for the hands-on learning opportunity!"

    #cybersecurity #cloudsecurity #zerotrustsecurity #sase #zscaler #digitaltransformation #securityengineering #zerotrustarchitecture #continuouslearning

    Zscaler Digital Transformation Administrator was issued by Zscaler to Shihabudheen Thoni Kadavath. credly.com

  • Shihabudheen Thoni Kadavath

    Starting the Zero Trust Security learning journey...

    Glad to share that I've successfully passed the Zero Trust Certified Associate (ZTCA) certification by Zscaler.

    #zerotrustarchitecture Zero Trust Architecture is a security framework designed to minimize a network's attack surface, prevent lateral movement of threats, and reduce the risk of a data breach using the zero-trust security model.

    The ZTCA certification course offers practical guidance on how to deliver effective control and visibility across zero trust initiatives, as well as contrasting zero trust approaches with legacy architectures. It explores architectural constructs for real world implementation, including in the context of the Zscaler Zero Trust Exchange.

    The Zscaler Zero Trust Exchange is a cloud native platform that connects and secures users, workloads, and devices over any network from any location.

    #zerotrust #ztna #zerotrustsecurity #cybersecurity #cloudsecurity #networksecurity #zscaler #sase

  • Shihabudheen Thoni Kadavath

    Sharing valuable insights from David Pazdera ☁️, a Principal Cloud & DevOps Architect, on the challenges of big datacenter moves to Azure. Based on his decade of experience, David breaks down common issues faced at different project stages.

    Great article, thanks David Pazdera ☁️ for sharing your valuable insights with the community.

    #cloudcomputing #azure #azurecloud #cloudmigration #itprojectmanagement

    Common pitfalls of large-scale datacenter migration projects to Azure David Pazdera ☁️ on LinkedIn

  • Shihabudheen Thoni Kadavath

    Google Cloud Platform (GCP) Incident Response Cheat Sheet

    #cloudsecurity #gcp #googlecloud

  • Shihabudheen Thoni Kadavath

    Well said, Abhay Bhargav. Settings in cloud security might seem straightforward, but the challenge often lies in configuring them correctly for your specific needs. Misconfigurations can introduce vulnerabilities, emphasizing the importance of thorough understanding and careful implementation.

    #cloudsecurity #cybersecurity #cloudcomputing

  • Shihabudheen Thoni Kadavath

    Thanks Rich Mogull for this brilliant initiative...

    #cloudsecurity #cloudcomputing #cybersecurity

  • Shihabudheen Thoni Kadavath

    MITRE released version 14 of its ATT&CK framework, introducing 18 new Enterprise techniques, with as many as half of them directly related to Infrastructure-as-a-Service (IaaS) or Software-as-a-Service (SaaS). Noteworthy additions include techniques like Abuse Elevation Control Mechanism for Temporary Elevated Cloud Access, Account Manipulation for Additional Container Cluster Roles, and Credentials from Password Stores focusing on Cloud Secrets Management Stores. A new technique called Log Enumeration is introduced for discovering information in system and service logs, applicable to various platforms and IaaS.

    For SaaS, the release includes Exfiltration Over Webhook, Financial Theft, and Impersonation techniques. Exfiltration Over Webhook addresses threat actors using webhooks for automated or manual exfiltration from SaaS services. Financial Theft involves adversaries attempting to steal monetary resources, often through social engineering in email, while Impersonation focuses on social engineering in business email compromise or email fraud campaigns.

    #cloud #cloudsecurity #cybersecurity #networksecurity #mitreattack #cloudcomputing
