For me Threat Intelligence is not only the last buzzword for security products. It also means education of the day-to-day professionals who take care of network and system. It can be related to security...
I’m thrilled to announce that @m1guelpf and I just launched our product Enlightn, a tool that boosts your Laravel app’s performance & security!
It has 120 checks:
🚀 34 performance checks
🛡️ 45 security checks
✅ 41 reliability checks
Check it out here: https://www.laravel-enlightn.com/
Looking for an architecture-focused learning path? I like this list of book suggestions from @ghohpe ... https://architectelevator.com/architecture/architect-bookshelf/
Let's talk about PassRole. That pesky privilege escalation vector. I wrote a blogpost explaining the work we did @ErmeticSec to create a list of AWS actions that require PassRole and parameters denoting roles: https://ermetic.com/whats-new/blog/auditing-passrole-a-problematic-privilege-escalation-permission/
Highlights in thread, list in next reply.
My 3rd annual "AWS Security Maturity Roadmap" is out! This is my guide for the steps to securely run on AWS. See what changed this year and download it at https://summitroute.com/blog/2021/01/12/2021_aws_security_maturity_roadmap_2021/
Learn how to detect threats using Graylog Pipelines, from Recon InfoSec CTO, @eric_capuano . In this series, he covers normalization, enrichment, threat detection/escalation, & alerting.
Part 1 - https://hubs.la/H0Djtbb0
Part 2 - https://hubs.la/H0DjtyN0