ABAC in Lambda
During August 2022 we published a blog discussing AWS Security Trends of 2022 , one of which was ABAC in Lambda. AWS allows administrators to use tags to designate attributes for both IAM and AWS resources. Attribute Based Access Control, or ABAC, is a strategy to allow permissions assignment based on the value of such […]
Best Practices for Identity and Access Management When Using Google Cloud Platform
At Praetorian, one of our top priorities is looking over each client’s Identity and Access Management (IAM) structure. Several of our large clients use Google Cloud Platform (GCP), which is one of the top three cloud providers with about eight percent of the cloud services market share. During our work with GCP, we have noticed […]
AWS Security Trends of 2022: Five Themes and Why They Matter
Building securely in the cloud can feel daunting given the sheer volume of ever-changing information to review, assess, and deconflict for your business needs. For example, AWS releases countless updates, new features, and new security services around its summer security conference, re:Inforce. Praetorian analyzed all the information pertaining to AWS’s new releases and security related […]
Chaining MFA-Enabled IAM Users with IAM Roles for Potential Privilege Escalation in AWS
Overview In AWS, sts:AssumeRole is an action within AWS’s Security Token Service that allows existing IAM principals to access AWS resources to which they may not already have access. For example, Role A can assume Role B and then use Role B’s privileges to access AWS resources. Common use cases include assuming a role within […]