all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Containing Compromised EC2 Credentials Without (Hopefully) Breaking Things

Add to bookmarks
c
April 7, 2023, 5:55 p.m. |

Cloud Security Alliance cloudsecurityalliance.org

Originally published by FireMon. Written by Rich Mogull, SVP of Cloud Security, FireMon. TL;DR: There are multiple techniques for containing compromised instance credentials. The easy ones are the most likely to break things, but there are creative options to lock out attackers without breaking applications.Over the past few years we’ve seen some major advances by Amazon to help reduce the risks that an attacker can steal and abuse credentials assigned to AWS instances. Okay, sure, a lot of t...

abuse amazon applications attackers aws cloud cloud security compromised credentials ec2 firemon instance lock major options risks security steal techniques things

Visit resource

More from cloudsecurityalliance.org / Cloud Security Alliance

Cl
Microsoft Copilot for Security: Everything You Need to Know 9 hours ago | cloudsecurityalliance.org
ai-powered copilot copilot for security cybersecurity +17
Cl
Navigating the Cloud – Beyond “Best Practices” 1 day, 16 hours ago | cloudsecurityalliance.org
architectures best practices beyond businesses +17
Cl
Defining Cloud Key Management: 7 Essential Terms 1 week ago | cloudsecurityalliance.org
access access control breaches cloud +26
Cl
How DSPM Can Help Solve Healthcare Cybersecurity Attacks 1 week ago | cloudsecurityalliance.org
access access controls article attacks +41
Cl
Considerations When Including AI Implementations in Penetration Testing 1 week ago | cloudsecurityalliance.org
application artificial artificial intelligence ask +15
Cl
Five Reasons Why Ransomware Still Reigns 1 week ago | cloudsecurityalliance.org
ben ciso consent cxo +15
Cl
DevSecOps Tools 1 week ago | cloudsecurityalliance.org
code code management development devops +18
Cl
Livin' on the Edge: Linux's Impact on Computing 1 week, 1 day ago | cloudsecurityalliance.org
attitudes automox changing ciso +16
Cl
Your Ultimate Guide to Security Frameworks 1 week, 2 days ago | cloudsecurityalliance.org
breaches build business customers +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Premium Hub - CoE: Business Process Senior Consultant, SAP Security Role and Authorisations & GRC

@ SAP | Dublin 24, IE, D24WA02
View on infosec-jobs.com

Product Security Response Engineer

@ Intel | CRI - Belen, Heredia
View on infosec-jobs.com

Application Security Architect

@ Uni Systems | Brussels, Brussels, Belgium
View on infosec-jobs.com

Sr Product Security Engineer

@ ServiceNow | Hyderabad, India
View on infosec-jobs.com

Analyst, Cybersecurity & Technology (Initial Application Deadline May 20th, Final Deadline May 31st)

@ FiscalNote | United Kingdom (UK)
View on infosec-jobs.com
View more jobs