Last week in security news: Dependency confusion in AWS CodeArtifact, this week's S3 Bucket Negligence Award, a new tool called Trivy, and more!
Episode Show Notes & Transcript
- Apparently there's been some dependency confusion in AWS CodeArtifact.
- PlatformQ wins this week's S3 Bucket Negligence Award
- Found an interesting article that suggests that ransomware in AWS isn't a purely theoretical concern.
- Protocol interview with AWS CISO CJ Moses about his cloud security challenges.
- AWS co-announces release of the Open Cybersecurity Schema Framework (OCSF) project
- Trivy is a security scanner for vulnerabilities in container images, Git repositories, filesystems, and various bits of configuration.