Explore Ten Ways to Secure The Cloud

Explore Ten Effective Ways to Secure The Cloud Sena YAKUT
December, 2023

• Senior Cloud Security Engineer @Lyrebird Studio • DevSecOps Team
Lead & Senior CloudSec Engineer @PurpleBox • Cyber Security & CloudSec Engineer @Vestel • Master @Ege University About me! senayakut.com /sena-yakut Security & Identity @sena_yakutt

• Cloud security statistics • Do not use publicly accessible
cloud resources • Be careful in IAM • Encrypt your data • Use CSPM tools • Secure your endpoints • Enable logging & monitoring & alerting • Use threat intelligence solutions • Prepare a vulnerability management plan • Train your staff • Prepare an incident response plan OVERVIEW

Cloud security statistics

Do not use publicly accessible cloud resources •Data protection. •Our
data is our data. •Minimizing attack surface. •Avoiding Accidental Exposure (your config files, credentials, PII files etc.). •Cloud providers are more solution-oriented for this: •S3 private by default.

Do not use publicly accessible cloud resources •Deny all access.
•Use VPN restrictions for your cloud resources. •Do not use open ports for your management. •Do not use publicly accessible admin panels or internal services. •Review your cloud resources regularly for accidental public operations.

Do not use publicly accessible cloud resources • Pegasus Airlines
Leaked 6.5TB of Data in AWS S3 Bucket Mess Up • more than 3 million sensitive flight data files, including flight charts/revisions, pre-flight checks-related issues’ details • more than 1.6 million files contained the airline crew’s PII

Do not use publicly accessible cloud resources • Twilio: An
exposed S3 bucket enables attackers to inject malicious code • TaskRouter JS SDK Security Incident • not properly configured the access policy for one of AWS S3 buckets

Be careful in IAM •Identity and Access Management is the
key for cloud resources. •Always follow the “at least privilege principle” •Always start with deny. •Use conditions for restrictions. •Do not hardcode any IAM credentials (AWS access key, secret key..)

Be careful in IAM •Always think SSO (Single Sign On).
•Always enable MFA. •Use temporary credentials for access (roles, policies, session tokens.) •Regularly review your IAM components. •Use automation for controls and denies.

Encrypt your data •Encrypt everything. •Encryption in rest. • Databases,
objects, etc. •Encryption in transit. • HTTPS –TLS configs.

Encrypt your data

Use CSPM tools •Cloud Security Posture Management = visibility. •Identify
security violations. •Monitor security regulations & policies. •Identify unused resources. •Remediation is easier.

Use CSPM tools •Prowler •ScoutSuite •CloudSploit • Security Auditor Role.
• You need to prioritize findings based on your needs.

Use CSPM tools

Secure your endpoints •API security is still an issue. •We
need to be careful about our external endpoints. •Always think about using internal services first. •Open ports •Scan endpoints continuously, and ensure systems can analyze and respond to anomalous behavior. •Patching regularly.

Enable logging & monitoring & alerting •Log & monitor everything
that could be an anomaly for your system. •Incident Detection. •Performance Monitoring: Helps in monitoring system performance and can alert to anomalies that might signify a security issue, such as a denial-of-service attack.

Enable logging & monitoring & alerting •Accountability and Forensics: In
the event of a breach, logs are essential for understanding what happened. •User Behavior Analytics: Normal user or account breaching. •Compliance: Meets regulatory and compliance requirements

Enable logging & monitoring & alerting

Use threat intelligence solutions •Threat intelligence solutions are essential for
cloud security. •With AI, we’re stronger in security. •Threat awareness. •Security posture improvement. •Risk assessment.

Use threat intelligence solutions

Prepare a vulnerability management plan •Lots of cloud services, and
lots of vulnerabilities. •We need a plan for prioritization, assessment, and all processes.

Train your staff •Training is everything for cloud security. •Lack
of skills. •Every day, there is a new update in the cloud, in the services. •Lots of services, lots of features. •Lots of cloud providers!

Prepare an incident response plan •Rapid response to security incidents.
•Structured and organized approach. •Adaptability to emerging threats.

Explore Ten Ways to Secure The Cloud

Explore Ten Ways to Secure The Cloud

Sena Yakut

More Decks by Sena Yakut

Featured

Transcript

Explore Ten Effective Ways to Secure The Cloud Sena YAKUT

• Senior Cloud Security Engineer @Lyrebird Studio • DevSecOps Team

• Cloud security statistics • Do not use publicly accessible

Cloud security statistics

Cloud security statistics

Cloud security statistics

Cloud security statistics

Do not use publicly accessible cloud resources •Data protection. •Our

Do not use publicly accessible cloud resources •Deny all access.

Do not use publicly accessible cloud resources • Pegasus Airlines

Do not use publicly accessible cloud resources • Twilio: An

Be careful in IAM •Identity and Access Management is the

Be careful in IAM •Always think SSO (Single Sign On).

Encrypt your data •Encrypt everything. •Encryption in rest. • Databases,

Encrypt your data

Use CSPM tools •Cloud Security Posture Management = visibility. •Identify

Use CSPM tools •Prowler •ScoutSuite •CloudSploit • Security Auditor Role.

Use CSPM tools

Secure your endpoints •API security is still an issue. •We

Enable logging & monitoring & alerting •Log & monitor everything

Enable logging & monitoring & alerting •Accountability and Forensics: In

Enable logging & monitoring & alerting

Use threat intelligence solutions •Threat intelligence solutions are essential for

Use threat intelligence solutions

Prepare a vulnerability management plan •Lots of cloud services, and

Train your staff •Training is everything for cloud security. •Lack

Prepare an incident response plan •Rapid response to security incidents.