Episode description

Links: 

• Azure has another security issue around its Synapse offering; this one was discovered by Tenable.
• Sysdig has a dive into the real threats to SSH on EC2.
• Tailscale has announced the ability to support Tailscale SSH.
• Chris Farris has a treatise on the The Philosphy of Prevention when it comes to cloud security.
• Google Cloud CISO Phil Venables asks whether security analogies are counterproductive. 
• A security issue of sorts was discovered around sts:GetSessionToken Role Chaining in AWS
• The person responsible for the giant Capital One hack that took advantage of a series of small AWS misconfigurations has been convicted.
• Rogue GitHub apps could have hijacked countless repos for a week or two earlier this year.
• Wickr for Government achieves FedRAMP Ready designation
• It takes an open source project like trackiam to collate IAM actions, AWS APIs, and managed policies from all over the place
• Passwordle lets you guess commonly used passwords.