From one to many: account sprawl. With an email address and a credit card anyone can sign up for AWS. And everyone did, to the point that, if you are part of the team managing the AWS infrastructure at your organization, you have had to wrestle with this for some time now.
An updated ISM (the ACSC's Information Security Manual) has appeared. Now with 27% fewer controls.
The change log lists the controls which have changed and the justification for the change. https://acsc.gov.au/publications/ism/ISM_2018_Changes_Document.pdf
A useful one-pager comparing the security products of AWS and Azure with the usual on-prem suspects and their capabilities.
So today I discovered that if you inspect the Azure AD Connect (AADC) config via its GUI, the config it gives you is actually about 5% of what is actually there. Specifically, the GUI doesn't display the rules for OU filtering.
To work around this you can use the sync tool to display the OU filtering config. You'll need to log in as your on-prem AD sync user to do this, though. If you don't have those credentials then you can gather the config using the tool below and then turn it into an easier-to-review HTML output.
Be warned though: a small AD I ran this against produced a 3 MB HTML file of stuff. There are a LOT of items in AADC that average admins won't ever see or hear about.
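As an added illustration of the same idea (this is not the tool linked above, nor Microsoft's code), the ADSync PowerShell module that ships with Azure AD Connect exposes the connector partition scope, which is where OU filtering actually lives, and every sync rule, including the built-in ones. The script below dumps both into one HTML file. Assumptions: it runs on the AADC server under an account in the ADSyncAdmins local group, the output path is arbitrary, and the property names on the connector, partition and rule objects (Partitions, ConnectorPartitionScope, ContainerInclusionList/ContainerExclusionList, ScopeFilter, ScopeConditionList) are taken from the sync engine's object model rather than from the post.

```powershell
# Added example: export Azure AD Connect OU filtering and sync rules to HTML.
# Not the tool referenced in the post. Run on the AADC server as an ADSyncAdmins member.
Import-Module ADSync -ErrorAction Stop

$outFile = Join-Path $env:TEMP 'aadc-config.html'   # assumed output location

$connectors = Get-ADSyncConnector

# 1. OU filtering is stored on each connector partition's scope, which the
#    Synchronization Rules Editor never shows (property names assumed, see lead-in).
$ouScope = foreach ($c in $connectors) {
    foreach ($p in $c.Partitions) {
        [pscustomobject]@{
            Connector   = $c.Name
            Type        = $c.ConnectorTypeName
            Partition   = $p.Name
            Selected    = $p.Selected
            IncludedOUs = ($p.ConnectorPartitionScope.ContainerInclusionList -join '; ')
            ExcludedOUs = ($p.ConnectorPartitionScope.ContainerExclusionList -join '; ')
        }
    }
}

# 2. Every sync rule, resolved to its connector name and with its scope filter
#    flattened to "attribute operator value" so it can be reviewed in one table.
$connectorNames = @{}
foreach ($c in $connectors) { $connectorNames[$c.Identifier.ToString()] = $c.Name }

$rules = Get-ADSyncRule | Sort-Object Direction, Precedence | ForEach-Object {
    $scope = foreach ($group in $_.ScopeFilter) {
        ($group.ScopeConditionList | ForEach-Object {
            "$($_.Attribute) $($_.ComparisonOperator) $($_.ComparisonValue)"
        }) -join ' AND '
    }
    [pscustomobject]@{
        Name       = $_.Name
        Direction  = $_.Direction
        Precedence = $_.Precedence
        Disabled   = $_.Disabled
        Connector  = $connectorNames[$_.Connector.ToString()]
        Scope      = ($scope -join ' OR ')
    }
}

# 3. Render both tables into a single self-contained HTML page.
$style = '<style>table{border-collapse:collapse}td,th{border:1px solid #999;padding:2px 6px;font:12px monospace}</style>'
$body  = ($ouScope | ConvertTo-Html -Fragment -PreContent '<h2>Connector partition scope (OU filtering)</h2>') +
         ($rules   | ConvertTo-Html -Fragment -PreContent '<h2>Synchronization rules</h2>')

@"
<html><head><title>Azure AD Connect configuration</title>$style</head>
<body>$($body -join "`n")</body></html>
"@ | Set-Content -Path $outFile -Encoding UTF8

Write-Host "Wrote $outFile ($($ouScope.Count) partitions, $($rules.Count) rules)"
```

Review the IncludedOUs/ExcludedOUs column first: an OU that is neither listed nor excluded is still in scope when the partition is selected, which is exactly the case the GUI hides.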
Probably more information about Windows Event Forwarding (WEF) than you will ever need.
This was news to me in a few ways; first, there’s a new DNS resource record called CAA (Certificate Authority Authorization) and second, Certificate Authorities are now required to check that record before issuing a certificate, to determine if they’re allowed to do so. Cool! What’s a CAA (Certificate Authority Authorization)? When in doubt, consult the RFC: […]
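To make the "CA checks the record before issuing" step concrete, here is an added example (not from the post or the RFC text) that models the check a CA performs. It follows the lookup rules as simplified in RFC 8659, the current successor to the RFC the post refers to: walk from the requested name up towards the root until a CAA RRset is found, honour the issuer-critical flag on unknown tags, and let issuewild override issue only for wildcard names. The zone is a constructed in-memory dictionary standing in for real DNS; the CA and domain names are invented.

```python
"""Added example: the CAA check a CA performs before issuance (RFC 8659 rules).
The zone below is constructed sample data, not real DNS."""
from typing import Dict, List, Optional, Tuple

CRITICAL_FLAG = 0x80                      # "issuer critical" bit of the flags octet
KNOWN_TAGS = {"issue", "issuewild", "iodef"}  # tags this model CA understands

CaaRecord = Tuple[int, str, str]          # (flags, tag, value)
Zone = Dict[str, List[CaaRecord]]         # owner name -> CAA RRset

# Constructed zone data for the example.
ZONE: Zone = {
    "example.com": [
        (0, "issue", "letsencrypt.org; validationmethods=dns-01"),
        (0, "issuewild", ";"),                      # no CA may issue wildcards
        (0, "iodef", "mailto:security@example.com"),
    ],
    "www.example.com": [(0, "issue", "digicert.com")],   # closer RRset wins
    "strict.example.net": [
        (CRITICAL_FLAG, "futureprop", "x"),              # unknown + critical
        (0, "issue", "letsencrypt.org"),
    ],
    "example.org": [(0, "iodef", "mailto:caa@example.org")],  # reporting only
}


def parent(name: str) -> Optional[str]:
    """Parent of a DNS name; None once there is nothing left to climb to."""
    return name.split(".", 1)[1] if "." in name else None


def relevant_caa_set(zone: Zone, fqdn: str) -> List[CaaRecord]:
    """Return the first non-empty CAA RRset found walking fqdn -> root.
    A wildcard name is looked up at the label the '*' sits under."""
    name = fqdn.lower().rstrip(".")
    if name.startswith("*."):
        name = name[2:]
    while name is not None:
        rrset = zone.get(name, [])
        if rrset:
            return rrset
        name = parent(name)
    return []


def issuer_of(value: str) -> str:
    """'letsencrypt.org; validationmethods=dns-01' -> 'letsencrypt.org'; ';' -> ''."""
    return value.split(";", 1)[0].strip().lower()


def issuance_permitted(zone: Zone, fqdn: str, ca_domain: str) -> bool:
    """Decide whether the CA identified by ca_domain may issue for fqdn."""
    rrset = relevant_caa_set(zone, fqdn)
    if not rrset:
        return True                       # no CAA anywhere in the tree: unrestricted
    # An unknown property marked critical means the CA must refuse.
    for flags, tag, _ in rrset:
        if flags & CRITICAL_FLAG and tag.lower() not in KNOWN_TAGS:
            return False
    wildcard = fqdn.startswith("*.")
    tag_wanted = "issue"
    if wildcard and any(tag.lower() == "issuewild" for _, tag, _ in rrset):
        tag_wanted = "issuewild"          # issuewild overrides issue for wildcards
    issuers = [issuer_of(v) for _, tag, v in rrset if tag.lower() == tag_wanted]
    if not issuers:
        return True                       # e.g. iodef only: CAA does not restrict
    return ca_domain.lower() in issuers


if __name__ == "__main__":
    for name, ca in [("mail.example.com", "letsencrypt.org"),
                     ("mail.example.com", "digicert.com"),
                     ("*.mail.example.com", "letsencrypt.org"),
                     ("www.example.com", "digicert.com"),
                     ("strict.example.net", "letsencrypt.org"),
                     ("host.example.org", "anyca.example")]:
        print(f"{ca:16} -> {name:22} {issuance_permitted(ZONE, name, ca)}")
```

The subdomain case is the one operators most often get wrong: mail.example.com has no CAA record of its own, so it inherits example.com's policy, while www.example.com's own record replaces (not merges with) the parent's.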