Cloud-specific indicators of compromise, tools regularly used by Russian government threat actors, webinar on secure guardrails & building Netflix's Paved Road
Excellent scaling CloudSec resources, SANS + AWS white paper, two OSS benchmarks for measuring the offensive capabilities of AI models
LinkedIn's dynamic infra mapping system that streamlines vuln management, register any removed package name because #yolo, creating least privilege roles at scale
Common attack paths in identifying GHA vulns, how quickly AWS tokens are found by location, resources for red teamers and defenders
Skim >60 talks in ~15min, oodles of IAM tool-dles, all the tools ransomware gangs use
Get up to speed on >60 AI talks in 15 minutes
A list of all of the talks, abstracts, recordings, slides, papers, and tools for the Main Track and >10 villages
A list of all of the talks, abstracts, recordings, slides, papers, and tools from BSidesLV and BlackHat USA
Slides for some solid Vegas talks, threat modeling enterprise AI, open source templates to bootstrap your security programs
Across web security, cloud, supply chain, and AI
How to build a cost-effective, scalable detection engine, have LLMs write detections for you, understanding AWS session token internals
The best context I've found on what happened, an opinionated guide to become an AWS pentester, a new platform for grokking open security detection rules
![[tl;dr sec] #249 - Atomic Cloud IOCs, Russian APT Tool Matrix, Netflix Paved Road Webinar](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=800,height=421,fit=scale-down,onerror=redirect/uploads/publication/thumbnail/080a561f-2435-4477-a549-ab9f115e047c/landscape_Screenshot_2024-11-21_at_10.48.21_AM.png)
