Get a demo

  • How it works
  • Blog
  • Media
  • About

Useful AWS Tools and Links

Oct 22, 2020

Vladi Sandler

Written by

CEO

Twitter
linkedin

Sharing is Caring


This week our topic is going to be AWS.  Amazon Web Services (AWS) was the leading cloud service provider in Q3 2020, increasing its share of total spend from last quarter to 32%. Working with several local and global organizations using AWS, we keep learning more and more about the platform and enrich our knowledge to stay on top of the most recent learnings and insights.

 

Here’s a great group of tools and resources to learn from:

 

First up, we’ve got Offensive Terraform Modules - a collection of automated offensive attack modules defined as Infrastructure as Code (IaC). My favorite one is "Cross Account Persistence". For more information and new attack vectors, why not set up a virtual coffee date with our CTO and co-founder Or Azarzar. 

 

Next up is Anatomy of AWS Lambda - Lambda internals is super important for offensive, defensive, and R&D purposes.

 


Then there’s serverless.com - Following recommendation No. 2, I personally believe that reading about a topic is not enough, you need to practice! Using the Serverless framework, it is super easy to develop a serverless architecture and better understand the Lambda internals. I dare you to develop a vulnerable architecture and share an exploitation tutorial with us. Are you up to the challenge??

 

And for now, the last one is aws-s3-virusscan - It can be useful especially for public buckets, with improper permissions ofA R/W.

Context is The Key to Achieving Security in the Cloud

When it comes to the security of your cloud environment, a single finding isn't enough to tell a full story. Context is the key to proactively protect native, Kubernetes, and microservices and start seeing your environment through an attacker’s eyes.

Blog

----  Read more▸

Sharing is Caring - Useful Cloud Security Tools and Links

This series gives our community the best tips and tricks for cloud environments. In this blog, Vladi shares his top picks for K8s, Docker, and more.

Blog

----  Read more▸

Sharing is Caring - Useful Azure Tools and Links

This series gives our community the best tips and tricks for cloud environments. In this blog, Vladi presents his favorite resources and tips for Microsoft Azure.

Blog

----  Read more▸

About Lightspin

Lightspin’s contextual cloud security platform protects native, Kubernetes, and microservices from known and unknown risks. Using predictive graph-based technology, Lightspin empowers cloud and security teams to eliminate risks by proactively blocking all attack paths while maximizing productivity by dramatically reducing and prioritizing security alerts, to cut down remediation time.

More articles