aws

How-To: Creating Advanced AWS Credentials with IAM

In a previous post I explained how to create basic AWS Credentials with IAM.

In this post, I explain how to create Advanced AWS Credentials with IAM. As sample, I choose to use our solution Elastic Detector for Continuous Monitoring that required an advanced IAM user for enabling AWS connector.

How-To: Creating AWS EC2 ReadOnly Credentials with IAM

In order to retrieve and list your assets (Instances, Security Groups) from your Amazon Web Services EC2 account through API, Elastic Detector need ReadOnly credentials. Here is how to create such credentials using Amazon Web Services Identity and Access Management (IAM). Step 0: Login to your Amazon Web Services account through AWS Console, and open…

How to detect side-channel attacks in cloud infrastructures

Cloud Computing is a disruptive technology which brought enormous benefits. However, even if the benefits are countless, there are several security challenges, such as elasticity and multi-tenancy, which require an innovative approach. Indeed, traditional security tools are not suitable for Cloud Computing, since infrastructures can be very dynamic. Therefore, automation is the only answer to…

Elastic Vulnerability Assessment (EVA) Credentials for AWS EC2 and VPC

One of the major obstacles to Elastic Detector adoption is the step where infrastructure API credentials are asked. Security guys do not easily give their keys to strangers. We fully understand that, so we have proposed two solutions: Virtual appliance, such as an AMI on the AWS marketplace. We provide VMware (vmdk) and KVM versions…