Episode Summary
Last week in security news: Circle CI security alert, another Azure vulnerability, Amazon S3 Encrypts New Objects By Default, new tools. and more!
Episode Show Notes & Transcript
- CircleCI came out with a security alert urging you to rotate any secrets stored in CircleCI.
- Another bite at the craptastic LastPass breach response, this article parses their weak-sauce PR statement
- Over the holidays Slack had some private GitHub code repositories stolen.
- ACSESSED is another Azure vulnerability
- Amazon S3 Encrypts New Objects By Default
- Updated whitepaper available: AWS Security Incident Response Guide
- iamfast analyzes your application code to generate a least-privilege IAM policy.
- Wiz has come up with and open sourced PEACH, a tenant isolation framework for cloud applications.