Amazon Web Services best practice rules
- NIST Cybersecurity Framework (CSF) Aligning to the NIST CSF in the AWS Cloud – https://d0.awsstatic.com/whitepapers/compliance/NIST_Cybersecurity_Framework_CSF.pdf
Scaling threat detection and response in AWS –
- AWS Security Best Practice – https://docs.aws.amazon.com/security/?sc_channel=sm&sc_campaign=Docs&sc_publisher=LINKEDIN&sc_country=Global&sc_outcome=awareness&trk=Docs_LINKEDIN&sc_content=Docs&linkId=81260524
AWS Security Tools
- Trusted Advisor
- IAM – Policy – (Explicit Deny Rights)
- AIM logging
- Well architect Best practice
Cloud Conformity covers the AWS services below according to these rules
- How to Exfiltrate AWS EC2 Data – https://labs.nettitude.com/blog/how-to-exfiltrate-aws-ec2-data/
- Pivoting via Roles and Policies.
- Modifying Lambda functions.
- Modifying CloudWatch logs.
- Exfiltrating database backups.
- Exfiltrating EC2 images and snapsho
Top Threats to Cloud Computing The Egregious 11
AWS Security Information