Amazon Web Services best practice rules
Cloud Conformity covers the AWS services below according to these rules
- NIST Cybersecurity Framework (CSF) Aligning to the NIST CSF in the AWS Cloud – https://d0.awsstatic.com/whitepapers/compliance/NIST_Cybersecurity_Framework_CSF.pdf
AWS Security Tools
- Trusted Advisor
- IAM – Policy – (Explicit Deny Rights)
- AIM logging
- Well architect Best practice
- How to Exfiltrate AWS EC2 Data – https://labs.nettitude.com/blog/how-to-exfiltrate-aws-ec2-data/
- Pivoting via Roles and Policies.
- Modifying Lambda functions.
- Modifying CloudWatch logs.
- Exfiltrating database backups.
- Exfiltrating EC2 images and snapsho