Chester Le Bron
@123le_bron
Cybersecurity Threat Detection & Response | Cloud TDR | Basketball Coach | Opinions are my own | #BlackTechTwitter 🇵🇷
ID: 839920067164921856
https://www.linkedin.com/in/chester-le-bron-jr-bba-gcih-gsec-278b8259 09-03-2017 19:25:23
1,1K Tweet
475 Takipçi
816 Takip Edilen
🪿 Excited to work again with Tracebit - this time on real world attacks and the role canaries could play in their detection! ft. Scattered Spider (Permiso Security), Muddled Libra, and a ransomware event shared fwd:cloudsec tracebit.com/blog/canary-in… Diagrams in thread...
My Methodology to AWS Detection Engineering (Part 1: Object Selection) Chester Le Bron walks through how to apply risk based concepts to AWS detection engineering. chesterlebron.blogspot.com/2024/08/my-met…
Check out the next part in my blog series on detection engineering for AWS. This part focuses on core logic of score assignment in RBA but full disclosure, this is not exclusive to AWS but is an important necessity before getting into Part Three 👀. chesterlebron.blogspot.com/2024/08/my-met…
📖 CloudSecList Issue 253 just got released, w/ content from Trail of Bits Paul Butler @OrcaSec Rami McCarthy and more! cloudseclist.com/issues/issue-2…
D'oh, so you leaked your AWS credentials 🤦♂️ Does it matter 𝐰𝐡𝐞𝐫𝐞? It turns out there's a HUGE difference in how fast attackers will find them. Idan Ben Ari deployed canary tokens (fake AWS credentials) using Thinkst Canary to a number of different locations and analyzed:
🤖 tl;dr sec 246 🗡️ GitHub Actions Attack Diagram Adnan Khan 🤫 The Worst Places to Leak Secrets 😈 Red Team TTPs 🧠 Security Awareness & Secure Coding Tanya Janca 🤖 Tech behind @Semgrep Assistant ☁️ Cloud infra the wrong way, but faster Trail of Bits
My Methodology to AWS Detection Engineering (Part 2: Risk Assignment) by Chester Le Bron Part 1 appeared in issue 171 and was the most clicked article despite being in the bonus section with no summary. In part 2, Chester covers the key components that make up his "risk assignment