Our Support For Cloudsplaining

We’re proud to announce that Cloud Security Partners will be forking and maintaining Cloudsplaining, the popular cloud IAM tool. Open source and giving back to the community are very important to us and something we try to do often via contributions and free training!
The cloud security community has built some amazing tools, from Prowler to Parliament and, obviously, Cloudsplaining. Cloudsplaining plays an important role in that it gives security teams insight into their IAM policies and possible misconfigurations. During our security assessments, misconfigured IAM is one of the most common findings we see. From overly privileged policies to data exfiltration methods, we see a large number of misconfigurations that can subtly allow malicious insiders or outsiders to access data.
Recently, Salesforce, where Cloudsplaining was originally developed by Kinnaird McQuade, archived the repository, meaning there will be no more updates or maintenance. We’ve decided to take on a fork of the repository, along with ongoing maintenance and new features. We have pulled together a team of passionate open source developers and we’ll be funding ongoing development. We look forward to continuing the great work by the team that’s maintained Cloudsplaining and working with anyone else who wants to help with the maintenance and development. And, of course, it will always be open source and free!