I. Leaky AWS buckets
A recent search by a security firm found thousands of exposed S3 buckets containing loads of sensitive information.
It is time to focus on the ‘Sec’ in DevSecOps! Here is a neat primer on S3 bucket security.
CISO Check:
Is your CI/CD pipeline capable of detecting and handling leaky buckets?
You have secured production instances. What about development and testing buckets?
Do you know if your data is exposed in your service provider’s cloud environment?
II. Big tech is going open source
Bill Gates said in 2008 that open source creates a license so that nobody can ever improve the software. In 2020, Microsoft joins the open source foundation.
Read this brilliant paper by Michael Scovetta of Microsoft on threats, risks and mitigations in the open source ecosystem.
Is this the dawn of an open source security era?
CISO Check:
How do you handle open source security?
III. Quote of the week
Compliance is not something that you do in addition to your business. Compliance is how you do your business.
Have an original, interesting cybersecurity quote? Let us know in the comments and we will publish it along with your name in our quotes section.