Cloud Security 0xCBE • 1y ago • 100%

ALFA: Automated Audit Log Forensic Analysis for Google Workspace

github.com

cross-posted from: https://infosec.pub/post/397812 > Automated Audit Log Forensic Analysis (ALFA) for Google Workspace is a tool to acquire all Google Workspace audit logs and perform automated forensic analysis on the audit logs using statistics and the MITRE ATT&CK Cloud Framework. > > By [Greg Charitonos](https://www.linkedin.com/in/charitonos/) and [BertJanCyber](https://twitter.com/BertJanCyber)

Cloud Security 0xCBE • 1y ago • 100%

Building Chainguard's container image registry

www.chainguard.dev

>We’ve made a few changes to the way we host and distribute our Images over the last year to increase security, give ourselves more control over the distribution, and most importantly to keep our costs under control [...]

Cloud Security 0xCBE • 1y ago • 100%

Kubernetes Security Basics Series Part I - Deployment and Container Orchestration

>This first post in a 9-part series on Kubernetes Security basics focuses on DevOps culture, container-related threats and how to enable the integration of security into the heart of DevOps.

AI Infosec 0xCBE • 1y ago • 85%

How To Defend Your AI Models

www.forbes.com

Not really technical, but gives some pointers to wrap your head around the problem

Cloud Security 0xCBE • 1y ago • 100%

Toyota admits to yet another cloud leak

www.theregister.com

"Toyota said it had no evidence the data had been misused, and that it discovered the misconfigured cloud system while performing a wider investigation of Toyota Connected Corporation's (TC) cloud systems. TC was also the site of two previous Toyota cloud security failures: one identified in September 2022, and another in mid-May of 2023. As was the case with the previous two cloud exposures, this latest misconfiguration was only discovered years after the fact. T**oyota admitted in this instance that records for around 260,000 domestic Japanese service incidents had been exposed to the web since 2015**. The data lately exposed was innocuous if you believe Toyota – just vehicle device IDs and some map data update files were included. "

AI Infosec 0xCBE • 1y ago • 100%

AI Risk Database

airisk.io

"database [...] specifically designed for organizations that rely on AI for their operations, providing them with a comprehensive and up-to-date overview of the risks and vulnerabilities associated with publicly available models."