Cybr

Can you answer these questions about your infrastructure right now? 🤔

❓ Who changed your production database config last month?
❓ Do you have any configuration drift in your environment?
❓ Are there hardcoded secrets sitting in your IaC repos?

If you're hesitating on any of these... you've got security gaps that will probably fail your next audit (and that attackers might find and use to their advantage)

If you haven't seen it yet, just dropped a new video breaking down the 5 most common IaC security issues and exactly how to fix them 👇

https://youtu.be/SNR1TA0pELU

Any other issues you've seen with IaC? LMK in the comments

1 month ago | [YT] | 1

Cybr

🧪 Pentesting AWS Lambda with CloudFox -> FREE new lab!

Leveraging the automated cloud-focused pentesting tool CloudFox, learn how to uncover Lambda security issues. You’ll identify exposed secrets and misconfigurations in serverless applications in order to find and capture a flag!

🗺️ Learning Objectives
📍 Use CloudFox to enumerate and assess Lambda functions
📍 Identify exposed environment variables and public access misconfigurations
📍 Analyze Lambda security configurations for vulnerabilities
📍 Generate actionable security findings

👉 Launch it for FREE now: cybr.com/hands-on-labs/lab/pentesting-aws-lambda-w…

1 month ago | [YT] | 12

Cybr

Introduction to AWS Lambda Enumeration 👇👇👇

In our FREE 🧪 Hands-On Lab, step into the role of a security analyst tasked with auditing AWS Lambda functions in an environment with incomplete documentation and potential misconfigurations.

Using the AWS CLI, you’ll enumerate all deployed Lambda functions, extract configuration details, analyze environment variables, and download function code to uncover common security issues such as hardcoded credentials, overly permissive IAM roles, and publicly accessible functions.

This lab is designed to teach you practical enumeration techniques used in real-world cloud security assessments and prepare you to spot risks that could lead to data exposure or privilege escalation.

All it requires is a free Cybr account. No payment or credit card required. Launch it now and capture the flag ⛳️!
➡️ cybr.com/hands-on-labs/lab/introduction-to-aws-lam…

1 month ago | [YT] | 19

Cybr

Learn how attackers exploit AWS Lambda functions with real-world attack vectors and techniques.

This course is entirely made up of 1-click deploy 🧪 Hands-On Labs featuring vulnerable Lambda environments that will teach you how to identify and exploit serverless security weaknesses.

Each lab deploys real AWS environments where you'll practice Lambda enumeration, exploitation, and privilege escalation techniques.

The labs include CTF-style challenges that will test your skills by providing realistic scenarios for you to capture the flag.

Good luck and have fun! 🫡

Enroll in course ➡️ cybr.com/courses/aws-lambda-security-labs/

2 months ago | [YT] | 11

Cybr

Regardless of whether you’re a large company, SMB, or running a personal AWS account, you should be using AWS Identity Center. Not IAM users.

“But why? Why do you keep telling us we shouldn't be using IAM users anymore? What's the deal with Identity Center, and why should I use it when I’m not some large enterprise?”

I still get a lot of questions like this about IAM Identity Center, and I don't blame you if you find it confusing. Frankly, AWS has made it seem a lot more complicated than they needed to. They use enterprise-y language to promote it, but the reality is that just about everyone should be using it, even down to personal accounts.

I outline exactly why in this brand new cheat sheet, including how to get started with using it.

We also have a free tutorial that guides you step-by-step on how to set it up both in the AWS Console and how to use it with the AWS CLI. Access it here for FREE -> cybr.com/courses/aws-certified-security-specialty-… (you just need to be logged in to access)

2 months ago | [YT] | 13

Cybr

What is a key limitation of AWS Audit Manager that organizations should understand?

3 months ago | [YT] | 3

Cybr

In an EventBridge rule for AWS Config events, what does the following event pattern filter accomplish?

{
"source": ["aws.config"],
"detail-type": ["Config Configuration Item Change"],
"detail": {
"messageType": ["ConfigurationItemChangeNotification"],
"configurationItem": {
"resourceType": ["AWS::S3::Bucket"]
},
"configurationItemDiff": {
"changeType": ["UPDATE"]
}
}
}

3 months ago | [YT] | 6

Cybr

An organization wants to centrally manage AWS WAF rules across all accounts in their organization. Which service combination would be most appropriate?

3 months ago | [YT] | 4

Cybr

An organization wants to deploy the same security baseline (AWS Config rules, CloudTrail, GuardDuty) across all accounts in multiple OUs within their organization. Which CloudFormation feature would be most appropriate?

3 months ago | [YT] | 2

Cybr

You asked for it, and it's here: Cybr now offers multi-cloud security training! Introducing our first Azure course 🎉🥳

​🛡️ Getting Started with Microsoft Defender for Cloud​

Learn how to use Microsoft Defender for Cloud, a cloud-native application protection platform (CNAPP) that provides security posture management and workload protection for Azure, AWS, GCP, and on-premises environments. You'll learn to configure security policies, implement compliance frameworks like NIST 800-53, protect various workloads including VMs, containers, and storage accounts, and automate incident response using Logic Apps and workflow automation.

Enroll today: cybr.com/courses/getting-started-with-microsoft-de…

3 months ago | [YT] | 3