Cloud Security Podcast

Fixing Cloud Security with AWS Lambda

Jul 23, 2024

Security expert Lily Chau discusses AWS Lambda for cloud security, auto-remediation, IAM roles, and challenges with CSPM. They cover cultural shifts, high-impact playbooks, and monitoring CloudTrail logs for security. Also, they talk about preventing subdomain takeovers, using Terraform for security, and a favorite restaurant in San Francisco.

21:25

Creator website

Episode guests

Lily Chau

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Utilize IAM roles for read-only security auditing and tagging non-compliant instances for effective tracking without relying on databases.

Implement custom auto remediation Lambda functions to proactively address security risks beyond CSPM and CNAB tools in AWS cloud environments.

Deep dives

IAM Roles for Read-Only Security Auditor and Security Tagger

Two key IAM roles are deployed in each AWS account: the read-only security auditor role for read-only configurations and the security tagger role for tagging instances that are non-compliant. Tagging instances is crucial for tracking non-compliance economically without database use. The approach emphasizes tagging instances as non-compliant or remediated.

Intro

2min

Auto Remediation in AWS Security

9min

Monitoring CloudTrail Logs and Preventing Lateral Movement in AWS

8min

Ensuring Cloud Security and Preventing Subdomain Takeover Vulnerabilities

2min

Discussion on a favorite restaurant and Cloud Security Podcast updates

2min

How to secure AWS cloud using AWS Lambda? We spoke to Lily Chau from Roku at BSidesSF about her experience and innovative approach to tackling security issues in AWS environments. From deploying IAM roles to creating impactful playbooks with AWS Lambda, Lily shared her take on automating remediation processes. We spoke about the challenges of managing cloud security with tools like CSPM and CNAPP, and how Lily and her team took a different approach that goes beyond traditional methods to achieve real-time remediation.

Guest Socials:⁠ ⁠⁠Lily Twitter

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp

Questions asked:

(00:00) Introduction

(01:56) A bit about Lily

(02:27) What is Auto Remediation?

(03:56) Example of Auto Remediation

(05:19) CSPMs and Auto Remediation

(06:58) Make Auto Remediation in Cloud work for you