
October 10, 2017

Tools To Assess Amazon AWS services

If you have ever had to test Amazon’s AWS services from a blackbox perspective, you know how difficult it can be to assess configurations and policies. Luckily, several tools aid in this process; they are listed below.

  1. prowler – Tool based on AWS-CLI commands for AWS account hardening, following the guidelines of the CIS Amazon Web Services Foundations Benchmark (https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf)
  2. nccgroup/Scout2 – Security auditing tool for AWS environments
  3. cloudsploit/scans – AWS security scanning checks
  4. Amazon Inspector – The default tool Amazon provides. https://aws.amazon.com/inspector/
  5. Netflix/security_monkey – Security Monkey monitors your AWS and GCP accounts for policy changes and alerts on insecure configurations
  6. Aardvark – Aardvark is a multi-account AWS IAM Access Advisor API
  7. Repokid – AWS Least Privilege for Distributed, High-Velocity Deployment
  8. DenizParlak/Zeus – AWS Auditing & Hardening Tool that aligns with CIS AWS benchmarks  http://www.denizparlak.com/?p=386
  9. Nimbostratus – Tools for fingerprinting and exploiting Amazon cloud infrastructures + video presentation and intro blog post
  10. Bucket finder – This is a fairly simple tool to run: all it requires is a wordlist, and it checks each word to see if that bucket name exists in Amazon’s S3 system. For any bucket it finds, it checks whether the bucket is public, private or a redirect.
  11. Cloud Security Suite – One stop tool for auditing the security posture of AWS infrastructure. This tool includes Scout2, Prowler, and Lynis for assessing host configurations.
  12. Macie – Amazon Macie is a security service that uses machine learning to automatically discover, classify, and protect sensitive data in AWS. Amazon Macie recognizes sensitive data such as personally identifiable information (PII) or intellectual property, and provides you with dashboards and alerts that give visibility into how this data is being accessed or moved. Currently only available for S3, but support for other data stores will come.

If there are any Cloud Security tools you know about or have experience using, feel free to reach out to our CSA-LA board and we will happily help create another blog post.

Thanks to the Peerlyst post that put this initial list together.

Categories: Uncategorized ||

September 21, 2017

Announcements Sept 13 2017 General Meeting


September 20, 2017

CSA-LA Chapter Happenings for 2017

Wow, what a fast year it’s been! And now it’s nearly over. Here’s a quick recap of some of the highlights that I can recall.

Here’s the elected Board of Directors for 2017:

  • Kris Rides – President
  • Steve Weltman – Dir of Communications
  • Kenny Totrakarn – Director of Finance
  • Harry Wan – Secretary
  • Danielle Kingsbury – Dir of membership
  • Michael Schell – Dir of sponsorship
  • Roy Zarate – Dir of Education
  • Andrew Robinson – Co-Director of Research
  • Sateesh Bolloju – Co-Director of Research
  • Cameron Khani – Director of meeting organization
  • Aaron Guzman – Dir of Special Projects
  • Aryan Guenthner – Director of Presentations

Jan Chapter Meeting was pretty good.  We had 55 people present and we met at Verizon Digital Media Services.  They’ve been great and we appreciate their continued partnership as a host location.  I presented on some of the business implications of a cloud based identity and access solution for a large financial services company.  Our meeting sponsor Centrify was well represented and brought some excellent food with them.  Thank you Steve from Centrify for sponsoring!

February 2017: We had a meeting at Cornerstone on Demand with 47 people in attendance. Our presenter, Bill Holden, is an expert with Cyber Risk Insurance services and presented on the complexities of data assurance.

March 2017: We were fortunate again to be hosted by Cornerstone on Demand with about 44 people in attendance. Our presenter, Charles Johnson, InfoSec Solutions Architect, AlertLogic, presented on ‘What to focus on while securing workloads in the cloud’. Afterwards, there was an excellent Q&A session covering a multitude of topics.

April 2017: We were promised an authentic Hawaiian Luau; however, this did not come to fruition (something about the Fire Marshal’s orders and a fire pit inside of Verizon Digital Media’s location). Our speaker, Munya Kanaventi, the Sr. Director Information Security Management at Sony DADC New Media Solutions, presented on how key management could be used to avoid security risks in cloud based applications and infrastructure services.

Fast forward to September 2017, and the CSA-LA was hosted again by Verizon Digital Media Services. Our new Diamond Sponsor, CyberArk, sent their best and brightest to present on ‘Credential Management in Ephemeral Environments’. Evan Litwak was an amazing presenter and the location hosted 32 people for this meeting. Thank you again, CyberArk!


January 18, 2015

Chapter Leadership Team for 2015

Members of the Los Angeles/SoCal CSA Chapter:

I’m pleased to announce our leadership team for 2015. There were no contested positions, so all the roles were filled through acclamation. We had a few changes, the most significant being Gary Landau not running again for president and Marco Tietz taking over as the chapter leader. Thankfully Gary has decided to continue supporting the board and staying on as secretary.

The following board members have decided to focus their activities on other fields and we want to thank them for the contributions to the CSA in the previous year: Shannon Parks, Peter Tshimanga, and Chengwei Cheng.

We’ve added three additional board members, Kooper Macleay, Kenny Totrakarn, and Aryan Guenthner. Their roles along with the rest of the board members are listed below.

For 2015, our team has already begun working on a few items, which we mention below.

  • Chapter President, Marco Tietz
    Coordinate board member activities and ensure chapter keeps on track with agreed upon focus area. Identify ways to increase chapter’s recognition and membership stature in the cloud industry.
  • Secretary of the board, Gary Landau
    Ensure chapter meets CSA organization requirements.
  • Director of Communications, Kooper Macleay
    Send out chapter announcements and meeting notices. Maintain chapter website and presence on social networking sites.
  • Director of Finance, Kenny Totrakarn
    Seek out sponsors to cover chapter costs and fund initiatives. Establish guidelines for vendor fees to cover meeting costs and build chapter fund. Manage the disbursing of chapter funds for agreed upon uses.
  • Director of Meeting Organization, Chris Herrera
    Arrange location with parking and conference room for chapter meetings and presentations.
  • Director of Membership and Special Projects, Kris Rides
    Manage memberships to ensure retention of existing members and outreach to IT security and cloud practitioners to recruit new memberships. Work with other Directors and chapter members to develop and execute a Board approved Membership portfolio Strategic Plan, in concert with the focus of the chapter.
  • Director of Presentations, Aryan Guenthner
    Seek out vendors and speakers to present at chapter meetings.
  • Director of Research, Aaron Guzman
    Dedicated contact for CSA research activities.

2014 has been another successful year for our chapter – this was our first complete year as a formally certified chapter and the membership has grown to 260 members. We’re looking forward to doing more in 2015, and some of the items we’ve started working on are: building relationships with the entertainment industry and ensuring cloud security is represented accurately in that field. Additionally, we are looking to organize formal training to help our members achieve the CCSK certification.

We look forward to seeing you at the next meeting of 2015 on February 11th.
Regards,
Your Chapter Leadership Team


December 11, 2013

Chapter Leadership Team for 2014

Members of the Los Angeles/SoCal CSA Chapter:

I’m pleased to announce our leadership team for 2014. There were no contested positions, so all the roles were filled through acclamation. The incumbent leaders have stayed on for another year and we’ve added three additional board members, Aaron Guzman, Marco Tietz and Shannon Parks. Their roles along with the rest of the board members are listed below. For 2014, our team has already begun working on a few items, which I mention below and Kenny Totrakarn has also joined as an assistant to the board and will be helping us achieve our 2014 goals.

  • Chapter President, Gary Landau
    Coordinate board member activities and ensure chapter keeps on track with agreed upon focus area. Identify ways to increase chapter’s recognition and membership stature in the cloud industry. Ensure chapter meets CSA organization requirements.
  • Director of Communications, Kris Rides
    Send out chapter announcements and meeting notices. Maintain chapter website and presence on social networking sites.
  • Director of Finance, Shannon Parks
    Seek out sponsors to cover chapter costs and fund initiatives. Establish guidelines for vendor fees to cover meeting costs and build chapter fund. Manage the disbursing of chapter funds for agreed upon uses.
  • Director of Meeting Organization, Chris Herrera
    Arrange location with parking and conference room for chapter meetings and presentations.
  • Director of Membership, Peter Tshimanga
    Manage memberships to ensure retention of existing members and outreach to IT security and cloud practitioners to recruit new memberships. Work with other Directors and chapter members to develop and execute a Board approved Membership portfolio Strategic Plan, in concert with the focus of the chapter.
  • Director of Presentations, Chengwei Cheng
    Seek out vendors and speakers to present at chapter meetings.
  • Co-Director of Presentations, Aaron Guzman
    Seek out vendors and speakers to present at chapter meetings.
  • Director of Chapter Website, Marco Tietz
    Web master for the chapter website. Supporting HTML, CSS and plug-ins.

2013 has been a successful year for our chapter – our chapter was formally certified in November and the membership has grown to 157 members. We’re looking forward to doing more in 2014 and some of the items we’ve started working on are: We’d like to get a consensus from the members on our chapter focus/initiative and we have some ideas to discuss at the January meeting; we are putting more attention toward building our pipeline of presentations and presenters; and we will be creating our official chapter website.

We look forward to seeing you at the first meeting of 2014 on January 8th.
Regards,
Your Chapter Leadership Team
