The Security Design of the AWS Nitro System

 1 year ago
source link: https://factory.faun.dev/newsletters/i/the-security-design-of-the-aws-nitro-system-925b903b-abc0-4692-95a7-cdc11e079065

DevSecOps Weekly Newsletter, Zeno. Curated DevSecOps news, tutorials, tools and more!
 
🔗 From the web
 
 
GCP Cloud Asset Inventory Feed: Get Real-Time Notifications on Resource Changes
 
 
The Cloud Asset Inventory keeps track of your GCP resources over time. This database keeps 5 weeks of metadata history for each asset in the inventory and lets you query your inventory as of any particular point in time.

In this article, you will see how to subscribe to real-time notifications for changes in your assets and get an alert when a Google Compute Engine instance with a public IP is created.
 
 
 
Before an attacker discovers your cloud, be aware of the endpoints you have exposed to the internet.
 
 
Attackers constantly scan internet endpoints for susceptible services to access and breach. Once a public IP becomes active, keep in mind that attackers and various search engines start to crawl it. It's always a good idea to keep track of which endpoints on your cloud are accessible via the internet and to audit those endpoints regularly before a compromise becomes inevitable.

VPC services on GCP provide networking for a variety of services, such as VM and Kubernetes services, Cloud SQL, and load balancers, any of which can run with an external IP address attached and so be exposed to the internet.

GCP helps with tracking and visibility by listing all external addresses used in a project alongside their respective resources. In this article, see how you can use the available service and APIs to find which services are exposed to the internet.
 
 
 
The Security Design of the AWS Nitro System   ✅
 
 
Amazon EC2 is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers.

The AWS Nitro System is the underlying platform for all modern EC2 instances. This whitepaper provides a detailed description of the security design of the Nitro System to assist you in evaluating EC2 for your sensitive workloads.
 
 
 
Data Breaches of 2022 and How They Could Have Been Prevented
 
 
Despite our best efforts, cybersecurity continues to lag behind the creativity of cyber criminals. As we become more interconnected, the potential for a devastating data breach only grows.

In 2022, there have been several major data breaches that remind us of the importance of proper security precautions.
 
 
 
5 steps to help make your software supply chain more secure
 
 
From our new report on supply chain security vulnerabilities, CISO Phil Venables offers five tips on how Google Cloud can help secure your software.
 
 
 
3 Essential Tips for Adopting DevSecOps
 
 
Implementing processes to make it less painful is key to integrating cloud security into DevOps. Automate as much as you can. Start small, then evolve.
 
 
