A Review of the Best News of the Week on Cloud Security, DevOps, AppSec
Half of Docker Hub Images Feature Critical Flaws (Infosecurity Magazine, Dec 02 2020)
New study of four million container images reveals major risks
Tesla Hacked and Stolen Again Using Key Fob (Threatpost, Nov 30 2020)
Belgian researchers demonstrate third attack on the car manufacturer’s keyless entry system, this time to break into a Model X within minutes.
re:Invent 2020 – Your guide to AWS Identity and Data Protection sessions (AWS Security Blog, Nov 30 2020)
AWS re:Invent will certainly be different in 2020! Instead of seeing you all in Las Vegas, this year re:Invent will be a free, three-week virtual conference. One thing that will remain the same is the variety of sessions, including many Security, Identity, and Compliance sessions.
Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
Malicious or Vulnerable Docker Images Widespread, Firm Says (Dark Reading, Dec 01 2020)
A dynamic analysis of the publicly available images on Docker Hub found that 51% had critical vulnerabilities and about 6,500 of the 4 million latest images could be considered malicious.
Do You Know Who’s Lurking in Your Cloud Environment? (Dark Reading, Nov 25 2020)
A security researcher explains the dangers of poor visibility in the cloud and a new strategy to evaluate IAM exposure in Google Cloud Platform.
Worldwide cloud security market to reach $20.9 billion by 2027 (Help Net Security, Nov 26 2020)
The global cloud security market is projected to account for $20.9 billion by 2027, according to a report by Million Insights, and is expected to grow at a 14.6% CAGR from 2020 to 2027. Growing investment in cloud infrastructure and an increasing number of cyber attacks are expected to drive the market growth.
Containers Complicate Compliance (And What To Do About It) (The Security Ledger, Nov 30 2020)
If you work within the security industry, compliance is seen almost as a dirty word. You have likely run into situations like that which @Nemesis09 describes below. Here, we see it’s all too common for organizations to treat testing compliance as a checkbox exercise and to thereby view compliance in a way that goes against its entire purpose….
Cloud native security: A maturing and expanding arena (Help Net Security, Dec 02 2020)
“At the recent KubeCon + CloudNativeCon North America 2020, I had the opportunity to take part in a keynote panel with a number of other cloud native security practitioners. We got questions on a wide range of cloud native security topics and through those and other talks at the conference, I’ve been able to identify some key concerns around container security and the wider cloud native ecosystem. It’s not just Kubernetes”
Native Cloud Security Controls Still “Not Good Enough” (Infosecurity Magazine, Dec 02 2020)
As cloud services and SaaS were heavily adopted in 2020, how well did security keep up?
Tightening application security with Amazon CodeGuru (AWS DevOps Blog, Dec 01 2020)
Amazon CodeGuru is a developer tool powered by machine learning (ML) that provides intelligent recommendations for improving code quality and identifies an application’s most expensive lines of code. To help you find and remediate potential security issues in your code, Amazon CodeGuru Reviewer now includes an expanded set of security detectors.
Monitor and secure your containers with new Container Threat Detection (Google Cloud Blog, Dec 01 2020)
As more containerized workloads find their way into your organization, you want to be able to detect and respond to threats to containers running in this environment. Today, we’re excited to announce the general availability of Container Threat Detection to help you monitor and secure your container deployments in Google Cloud.
Container Threat Detection is a built-in service in Security Command Center Premium tier.
Why Vulnerable Code Is Shipped Knowingly (Dark Reading, Nov 30 2020)
The business priority of speed of development and deployment is overshadowing the need for secure code.
WebKit Vulnerabilities Allow Remote Code Execution via Malicious Websites (SecurityWeek, Nov 30 2020)
The WebKit browser engine is affected by several vulnerabilities, including ones that can be exploited for remote code execution by convincing the targeted user to visit a malicious website.