AWS cloud attack vectors and security controls
An insightful presentation by Kavisha Seth on understanding and identifying different attack vectors on AWS and learning about various security controls that can be implemented.
Step-by-step guides about
Cloud Security
-
![An insightful presentation by Kavisha Seth on understanding and identifying different attack vectors on AWS and learning about various security controls that can be implemented.]()
-
![Elastic IP addresses are static public IPv4 addresses provided by AWS. These can be moved or re-associated between instances and Elastic Network Adapters easily and hence, are a choice for many users for their public facing applications. This article shares 5 tips that one can consider when working with Elastic IPs.]()
5 things to consider when using AWS Elastic IP addresses
Elastic IP addresses are static public IPv4 addresses provided by AWS. These can be moved or re-associated between instances and Elastic Network Adapters easily and hence, are a choice for many users for their public facing applications. This article shares 5 tips that one can consider when working with Elastic IPs.
-
![The AWS RDS service, by default, does not enable transport layer security, allowing clients to connect insecurely if they want to. This article shows how SREs, DevOps, and RDS administrators can lower the risk that this default configuration poses.]()
Fixing the default insecure network connection option for RDS instances
The AWS RDS service, by default, does not enable transport layer security, allowing clients to connect insecurely if they want to. This article shows how SREs, DevOps, and RDS administrators can lower the risk that this default configuration poses.
-
![Google Cloud Armor has a documented limitation related to the maximum size of an HTTP POST request body the service is able to inspect and block. Attackers can use this limitation to bypass the protection provided by Cloud Armor and potentially exploit vulnerabilities that may be present in an underlying web application. This article will take you through how Cloud Armor rules can be configured to appropriately mitigate the risk due to the limitation.]()
A detailed guide on protecting against the 8KB AWS WAF limitation
Google Cloud Armor has a documented limitation related to the maximum size of an HTTP POST request body the service is able to inspect and block. Attackers can use this limitation to bypass the protection provided by Cloud Armor and potentially exploit vulnerabilities that may be present in an underlying web application. This article will take you through how Cloud Armor rules can be configured to appropriately mitigate the risk due to the limitation.
-
![GCP provides various ways by which you can SSH to a Linux compute instance, especially useful when you have firewall rules preventing external access. This article shows the 5 ways to connect to a GCP VM instance using SSH.]()
5 ways to connect to your GCP VM instances using SSH
GCP provides various ways by which you can SSH to a Linux compute instance, especially useful when you have firewall rules preventing external access. This article shows the 5 ways to connect to a GCP VM instance using SSH.
-
![Google Cloud Armor has a documented limitation related to the maximum size of an HTTP POST request body the service is able to inspect and block. Attackers can use this limitation to bypass the protection provided by Cloud Armor and potentially exploit vulnerabilities that may be present in an underlying web application. This article will take you through how Cloud Armor rules can be configured to appropriately mitigate the risk due to the limitation.]()
A guide to protect against the 8KB WAF limitation in Google Cloud Armor
Google Cloud Armor has a documented limitation related to the maximum size of an HTTP POST request body the service is able to inspect and block. Attackers can use this limitation to bypass the protection provided by Cloud Armor and potentially exploit vulnerabilities that may be present in an underlying web application. This article will take you through how Cloud Armor rules can be configured to appropriately mitigate the risk due to the limitation.
