Summary
![[tl;dr sec] #182 - Cloud Native Security Talks, AI Attack Surface Map, Attacking and securing cloud identities in managed Kubernetes](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=800,height=421,fit=scale-down,onerror=redirect/uploads/publication/thumbnail/080a561f-2435-4477-a549-ab9f115e047c/landscape_Screenshot_2023-09-12_at_10.22.48_AM.png)
[tl;dr sec] #182 - Cloud Native Security Talks, AI Attack Surface Map, Attacking and securing cloud identities in managed Kubernetes
Video playlists and abstracts from CloudNativeSecurityCon and KubeCon, overview of attacking AI assistants and agents, attack vectors to pivot from an EKS cluster to an AWS account.
Clint Gibler /
[tl;dr sec] #179 - BSidesSF Summaries, Attacking Kubernetes, OpenAI Burp Suite
I wrote quick summaries of four BSidesSF presentations, common Kubernetes attack vectors and vulnerable lab, Burp Suite extension that uses OpenAI for recon.
Clint Gibler /
[tl;dr sec] #178 - DevOps Threat Matrix, LLMs in Security, Supply Chain Security
Microsoft techniques and attack vectors for DevOps environments, applications of LLMs in security, the deps.dev API and Golang supply chain security.
Clint Gibler /
[tl;dr sec] #177 AWS KMS Threat Model, DOM Invader, Forensics in the Cloud
Threat model and attack tree for AWS Key Management Service, Gareth Heyes on how to use the DOM Invader Burp extension, doing cloud forensics when a container is compromised.
Clint Gibler /
[tl;dr sec] #176 - Cloud Security Atlas, Semgrep + AI, Finding Malicious PyPi packages
A searchable database of real-world attacks, vulns, and misconfigurations in cloud environments, Semgrep Assistant supports auto-triaging and fix suggestions using GPT-4, overview of malicious PyPi packages in 2023.
Clint Gibler /
[tl;dr sec] #175 The Future of Security Engineering, Awesome Kubernetes Threat Detection, ChatGPT Plugins
The power of open source, flexible tooling, k8s detection resources, ChatGPT just got a whole lot more powerful.
Clint Gibler /
[tl;dr sec] #27 - AppSec Weekly, SOC2 Starting Seven, Save Encryption
I was on Application Security Weekly #100, a no-nonsense guide to becoming SOC2 compliant, fight a bill that may kill encryption, compensation resources.
Clint Gibler /
[tl;dr sec] #168 - GCP and Azure Storage Threat Models, macOS Security, Red Team Resources
Detailed threat models for Google Cloud Storage and Azure Storage, Mac malware of 2022 and emerging payload obfuscation techniques, reverse engineering Rust binaries, offensive security and RE course, and more.
Clint Gibler /
[tl;dr sec] #167 - SBOM, Scaling Security Alert Management, Mitigating RBAC-Based PrivEsc in Kubernetes
Generating SBOMs and evaluating their quality, how Brex manages and automates security alerts at scale, how popular k8s platforms hardened themselves.
Clint Gibler /
[tl;dr sec] #166 - 2023 Security Predictions, Vuln Hunting with App Server Logs, Enforcing Device AuthN
Predictions for offense, from security leaders, and AWS, high signal vuln finding from application runtime exceptions, how Pinterest enforces managed and compliant devices in their Okta flow.
Clint Gibler /
[tl;dr sec] #165 - Hunting for Malicious Persistence in the Cloud, GitHub Action Security, Dark Sides of Machine Learning
How to detect malicious persistence in AWS, GCP, and Azure, leaking GitHub Action secrets and improving OIDC security posture, will ChatGPT degrade communication online?
Clint Gibler /
[tl;dr sec] #164 - Becoming Phishless, Machine Learning, Memory Safe Languages in Android 13
How a number of companies adopted WebAuthN and/or hard keys, neat new things in ML, the impact of Rust and memory safety in general in Android 13.
Clint Gibler /
[tl;dr sec] #162 - Meaningful Security Product Metrics, Vulnerability Inbox Zero, Joe Sullivan Trial Deep Dive
How to justify the value of your security team's investments and prioritize, how to build an Inbox Zero vulnerability management approach, Magoo's detailed blameless post-mortem of USA vs Joe Sullivan.
Clint Gibler /
[tl;dr sec] #160 - Application Security Foundations, Machine Learning Uses, Blackbox Regex Fuzzing
Notes from the WeHackPurple courses, a wide variety of applications of machine learning, bypassing validatoins and normalizations in web apps using regex fuzzing.
Clint Gibler /
[tl;dr sec] #157 - Transforming Security Champions, Production-ready osquery, Compromising Self-hosted GitHub Runners
Tanya Janca on building a security champions program, highly turned osquery detections, gaining GitHub Runner persistence and how to detect compromises.
Clint Gibler /
[tl;dr sec] #155 - Understanding IAM, Autogenerate Art from Blog Post, Attacking Closed DNS Resolvers
Understanding AWS permission boundaries and IAM policy evaluation, use ML to create art for your blog post based on its text, taking over your infrastructure Kaminsky style.
Clint Gibler /
[tl;dr sec] #152 - Infra as Code Security, Linux Distro for Supply Chain Security, CI/CD Security
Detailed IaC security guide with ~90 references, new Linux with default security measures for the software supply chain, securing and attacking SCM and CI systems.
Clint Gibler /
[tl;dr sec] #145 - Defending Against Phishing, iOS Privacy, DEF CON Advice
Cloudflare's write-up on a sophisticated phishing campaign, examining Meta apps' privacy implications and iOS16's Lockdown Mode, be yourself and find your tribe at DEF CON
Clint Gibler /
[tl;dr sec] #144 - Hacker Summer Camp, Building ProdSec from Scratch, IAM-Deescalate
How to stay healthy and get the most out of Vegas this year, how to build a ProdSec program from scratch, tool to mitigate privilege escalation risks in AWS.
Clint Gibler /
[tl;dr sec] #143 - Career Advice, SBOM, Attack Surface Monitoring
How to get into AppSec, getting a raise, and other career advice, SBOM tools, how to build your own ASM with ProjectDiscovery tools
Clint Gibler /
[tl;dr sec] #140 - AppSec, Building AWS Security Guardrails, Linux eBPF Rootkit
Security at start-ups and SAST program building, preventing classes of cloud vulnerabilities with guardrails, a Linux eBPF rootkit with a backdoor, C2, library injection, and more.
Clint Gibler /
[tl;dr sec] #139 - 60 RCE in 60 minutes, Free Sigstore Course, Cloud Risk Encyclopedia
A presentation with many real world RCE examples, new free course on using Sigstore for supply chain security, list of 1,200+ cloud security risks.
Clint Gibler /
[tl;dr sec] #136 - Career Advice, Scaling AppSec at Netflix, BSidesSF Summaries
Many career resources, lessons learned scaling AppSec at Netflix, 5 mini summaries I wrote of BSidesSF talks.
Clint Gibler /
[tl;dr sec] #134 - DevSecOps, Scalable Canary Tokens, Learning from AWS Customer Security Breaches
Useful ways to think about modern security teams, how to scale honeytokens while maintaining server level attribution, and how to harden your AWS environment based on public breaches.
Clint Gibler /
[tl;dr sec] #132 - Application Hacking Methodology, Pwning Cloudflare Pages, Why You Should Be Blogging
Jason Haddix's new Bug Hunter's Methodology for apps, write-up of a series of Cloudflare Pages bugs, Jack Rhysider on the power of blogging.
Clint Gibler /