Tools Resources
SecDataOps and Vulnerability Management

Introducing The Complete Guide to SecDataOps and Vulnerability Management on AWS

Jonathan Rau
By: Jonathan Rau
Mar 7, 2023

After going back and forth with my LinkedIn followers in mid-2022 about a post on vulnerability management on AWS, I transformed the thought into 110 pages (thanks to screenshot and code snippets) into what I believe to be the definitive resource fo...

Serverless Functions Security

A New Open-Source Tool that Fills a Critical Serverless Security Gap 

Ariel
By: Ariel Shuper
Nov 22, 2022

One of the main attractions of moving software to the cloud has always been the “shared responsibility model,” wherein the cloud provider deploys, protects, and maintains the underlying infrastructure and execution environment and the custom...

Guide to AWS KMS

The Complete Guide to AWS KMS

Noga
By: Noga Yam Amitai
Sep 8, 2022

AWS Key Management Service (AWS KMS) is a managed service that makes it easy for you to create and control the cryptographic keys used to protect your data. This service easily integrates with other AWS services, such a...

Defender for Endpoint on AWS

Microsoft Defender for Endpoint on AWS: Part 2

Jonathan Rau
By: Jonathan Rau
Dec 7, 2021

In the first entry in this series, we explored what Endpoint Detection and Response (EDR) is, and why the Panoptica Office of the CISO uses it to secure our Amazon EC2 server estate. We previously provided scripts and a basic walkthro...

Microsoft Defender for Endpoint on AWS

Microsoft Defender for Endpoint on AWS: Part 1

Jonathan Rau
By: Jonathan Rau
Nov 3, 2021

Protecting Your AWS Server Estate When it comes to protecting your AWS server estate, or your endpoints and servers in a broader perspective no matter the environment, one security tool solution that comes to mind is Endpoint Detection and Respon...

AWS terms

Top AWS Terminology to Understand AWS Security Concepts

Logo
By: Panoptica Team
May 24, 2021

Ever feel lost in a sea of AWS terminology, acronyms and AWS cloud security concepts on Amazon web services? You’re not alone! Let’s take a look at some of the most common AWS terminology that you’ll hear when you’re learning about Amazon We...

Amazon SageMaker

Protect Your Environment When Working with Amazon SageMaker

Or Azarzar
By: Or Azarzar
May 20, 2021

Panoptica’s Research and Discoveries for Securing AWS SageMaker, a Popular Data Science Tool Disclaimer: This post includes findings from December 2020. Some of them are already fixed in production and cannot be reproduced. Amazon SageM...

AWS Authorization Misuse

Presenting the Risk in IAM Policy Evaluation: Do You Know About this AWS Authorization Misuse?

Or Azarzar
By: Or Azarzar
Mar 22, 2021

Executive Summary Our researchers discovered that AWS IAM policy evaluation logic does not work the same way as security engineers may be used with other authorization mechanisms. We outline many risky and confusing examples when using AWS groups...