AWS |
lambdaタグが付けられた新着投稿 - Qiita |
cdkv2を使ってLambdaオーソライザ―を作ってHTTPAPIでcognitoのグループを使った認可を試したメモ |
https://qiita.com/hibohiboo/items/960f713897cfc3b41501
|
cognito |
2022-08-07 18:35:19 |
python |
Pythonタグが付けられた新着投稿 - Qiita |
pythonデスクトップアプリの作り方簡単にまとめてみた |
https://qiita.com/ma164/items/f1c0d90b3464367e31cb
|
自動車メーカー |
2022-08-07 18:56:05 |
js |
JavaScriptタグが付けられた新着投稿 - Qiita |
独習JavaScript(7章 スコープ) |
https://qiita.com/kometaroimo/items/78c4faf1977b6829f6a0
|
javascript |
2022-08-07 18:59:57 |
js |
JavaScriptタグが付けられた新着投稿 - Qiita |
最小限のSSR付きSPAフレームワークを作ってみた |
https://qiita.com/riafeed/items/bb8013f1bdbbef38e68c
|
作ってみた |
2022-08-07 18:26:30 |
js |
JavaScriptタグが付けられた新着投稿 - Qiita |
GA4が導入されているかを外側からチェックするブックマークレット(GTM利用サイトの場合) |
https://qiita.com/YUTA_NARIKAWA_JAPAN/items/d635ae10af3c9cdb17c2
|
google |
2022-08-07 18:08:45 |
GCP |
gcpタグが付けられた新着投稿 - Qiita |
GCEへのSSH接続の各種方法について、IAMロールやSSH認証鍵などの仕様まとめ |
https://qiita.com/r-dohara/items/6e95ea37ab6b27199ee7
|
googlecomputeengine |
2022-08-07 18:59:50 |
Ruby |
Railsタグが付けられた新着投稿 - Qiita |
Deviseを使った時に複数画像の削除機能が効かなくなったときにしたこと |
https://qiita.com/delicha/items/b347bcf46fa1e335bbfc
|
registrationsed |
2022-08-07 18:45:22 |
海外TECH |
DEV Community |
Detecting intrusion in DevOps environments with AWS canary tokens |
https://dev.to/rishitashaw/detecting-intrusion-in-devops-environments-with-aws-canary-tokens-5a30
|
Detecting intrusion in DevOps environments with AWS canary tokensOn th July Mackenzie Jackson and Eric Fourrier hosted a live webinar on Intrusion detection in DevOps environments with AWS canary tokens They also talked about the launch of ggcanary or the GitGuardian Canary Tokens and an awesome demo It was inspiring to hear about their journey and what they do so I decided to sum up what I learned over the course of the seminar Here are some of the important links that you might need to understand things clearly WebinarYouTubeBlogGitHubEvery stage of the DevOps pipeline is now an attractive target for attackers Starting from Planning Jira slack Figma etc to code vs code JetBrains etc testing Jenkins GitLab etc package Docker hub nexus etc security synk vercode etc to deployment chef ansible etc and monitoring grafna datadog etc To understand thing in detail you need to know what supply chain attack isSupply chain attacks A supply chain attack also called a value chain or third party attack occurs when someone infiltrates your system through an outside partner or provider with access to your systems and data This has dramatically changed the attack surface of the typical enterprise in the past few years with more suppliers and service providers touching sensitive data than ever before Example of supply chain attack Codecov breachCodecov customers environment variables were sent to a remote server by sophisticated attackers who exploited a mistake with the way Codecov builds docker images According to other disclosures the attackers were able to access private git repositories using the git credentials in the CI environment and then exploit the secrets and data contained there You can read more about it here linkDetecting intrusion in the supply chainIt can be done in several ways Most popular ones arenetwork based A network based intrusion detection system NIDS detects malicious traffic on a network NIDS usually requires promiscuous network access in order to analyze all traffic including all unicast traffic host based A host based intrusion detection system is an intrusion detection system that is capable of monitoring and analyzing the internals of a computing system as well as the network packets on its network interfaces similar to the way a network based intrusion detection system operates canary or honey token based A canary token is a file URL API key or other resources that are monitored for access Once the resource has been accessed an alert is triggered notifying the object owner of said access Typically canary tokens are used within an environment to help defenders identify a compromised system or a resource that should not be accessed At the point of file access an e mail or some other type of notification can be triggered to notify the system owner and then appropriate responses can occur How to detect compromised developer and DevOps environments with canary tokens Canary tokens can be created and deployed in your code repositories CI CD pipelines project management and ticketing systems like Jira or even instant messaging tools like Slack When triggered canary tokens can help alert you of an intrusion in your developer environments ggcanary tokensAWS credentials are used as honey tokens in ggcanary an intrusion detection system by GitGuardian Today s software factories are complex and there are a lot of DevOps tools that make it difficult to detect compromises With ggcanary we believe security and detection engineers can increase their chances of catching intrusion in this part of their organization by deliberately exposing AWS credentials key features of ggcanary tokensuse terraform to manage canary token infrastructuredeploy up to canary tokenstrack every action on AWS CloudTrail logsget real time email alerts if tokens are triggeredggcanary leverages current techs like Terraform and AWSWhy use aws secrets as canary tokens AWS secret keys are among the top most leaked secretspopular opensource secret scanner support AWS keysHow does it work under the hood This simple architectural diagram explains the data flow Visit the GitHub repo for a deeper dive into the code ConclusionGgcanary is the easiest solution for security teams to create and manage AWS honey tokens on a large scale It is an innovative and brilliant approach to securing software supply chains like Source Control Management SCM systems Continuous Integration and Continuous Deployment CI CD pipelines and software artifact registries as entry points Overall the webinar was an extremely informative event that will undoubtedly influence my view on development from now on The speaker was very articulate and knowledgeable while remaining interesting throughout which maintained the audience s attention Time well spent |
2022-08-07 09:40:58 |
ニュース |
BBC News - Home |
Strictly Come Dancing 2022: Paralympian Ellie Simmonds joins line-up |
https://www.bbc.co.uk/news/entertainment-arts-62407451?at_medium=RSS&at_campaign=KARANGA
|
dancing |
2022-08-07 09:08:12 |
北海道 |
北海道新聞 |
ゴルフ、堀川が通算3勝目 日本プロ選手権最終日 |
https://www.hokkaido-np.co.jp/article/715256/
|
静岡県 |
2022-08-07 18:20:27 |
北海道 |
北海道新聞 |
道南在住の533人感染 新型コロナ |
https://www.hokkaido-np.co.jp/article/715250/
|
道南 |
2022-08-07 18:34:15 |
北海道 |
北海道新聞 |
市田ひろみさん死去、90歳 服飾評論家、和装の振興に尽力 |
https://www.hokkaido-np.co.jp/article/715275/
|
市田ひろみ |
2022-08-07 18:18:00 |
北海道 |
北海道新聞 |
日本は敗れて1勝1敗に 日米対抗ソフトボール |
https://www.hokkaido-np.co.jp/article/715274/
|
国際親善試合 |
2022-08-07 18:18:00 |
北海道 |
北海道新聞 |
船炎上、乗船の7人救助 神奈川・三浦市沖 |
https://www.hokkaido-np.co.jp/article/715270/
|
神奈川県三浦市晴海町 |
2022-08-07 18:09:00 |
北海道 |
北海道新聞 |
北日本で激しい雨 土砂災害、増水に警戒 |
https://www.hokkaido-np.co.jp/article/715269/
|
非常に激しい雨 |
2022-08-07 18:08:00 |
北海道 |
北海道新聞 |
将棋、永瀬王座が準決勝へ JT杯、糸谷八段に勝利 |
https://www.hokkaido-np.co.jp/article/715268/
|
将棋日本シリーズ |
2022-08-07 18:02:00 |
コメント
コメントを投稿