Episode description

This episode is sponsored in part by the Google for Startups Cloud Program

Links:

• CircleCI came out with a security alert urging you to rotate any secrets stored in CircleCI.
• Another bite at the craptastic LastPass breach response, this article parses their weak-sauce PR statement 
• Over the holidays Slack had some private GitHub code repositories stolen.
• ACSESSED is another Azure vulnerability
• Amazon S3 Encrypts New Objects By Default 
• Updated whitepaper available: AWS Security Incident Response Guide
• iamfast analyzes your application code to generate a least-privilege IAM policy.
• Wiz has come up with and open sourced PEACH, a tenant isolation framework for cloud applications.