Episode description
This episode is sponsored in part by the Google for Startups Cloud Program
Links:
- CircleCI came out with a security alert urging you to rotate any secrets stored in CircleCI.
- Another bite at the craptastic LastPass breach response, this article parses their weak-sauce PR statement
- Over the holidays Slack had some private GitHub code repositories stolen.
- ACSESSED is another Azure vulnerability
- Amazon S3 Encrypts New Objects By Default
- Updated whitepaper available: AWS Security Incident Response Guide
- iamfast analyzes your application code to generate a least-privilege IAM policy.
- Wiz has come up with and open sourced PEACH, a tenant isolation framework for cloud applications.