The interactions between Amazon Web Services (AWS) users, services and resources are governed by policies implemented in AWS Identity and Access Management (IAM). Duo Labs is releasing a first-of-its-kind open-source tool which automates the evaluation of IAM policies: Parliament.
We’re excited to announce cloudtrail-partitioner which automatically organizes your CloudTrail logs in a format suitable for quick, cheap and simple querying with Athena.
Introducing continuous auditing with CloudMapper. Duo monitors its AWS environment in real-time using CloudWatch Events and CloudTrail logs, but there was some additional detection capabilities in CloudMapper that we wanted to benefit from on a more regular basis than whenever someone took the time to manually run CloudMapper.
It's not just S3 buckets that are exposed. Duo's security research team found a number of other publicly available Amazon Web Services (AWS) resources, including cloud backup and misconfigured servers.
We analyzed the security of several third-party AWS S3 tools to find out why so many S3 buckets with sensitive information have been made public, seemingly unintentionally. Here's what we found.