Conference Talks – November 2020

This month, members of NCC Group will be presenting their work at the following conferences: Sourya Biswas, "Cybersecurity is War: Lessons from Historical Conflicts," to be presented at BSidesCT (Virtual - November 14 2020) Ian Coldwater (Independent), Duffie Cooley, Brad Geesaman (Darkbit), and Rory McCune (NCC Group), "Keynote: SIG-Honk AMA Panel: Hacking and Hardening in … Continue reading Conference Talks – November 2020

Tool Release – ScoutSuite 5.10

We’re proud to announce the release of a new version of our open-source, multi-cloud auditing tool ScoutSuite (on Github)! Notable improvements and features include: CoreBreaking change: support for Python 3.5 has been deprecatedMoved unit tests from nose to pytest & improved coverageBug fixes and improved error handlingAWSCreated a ruleset for the AWS CIS Benchmark version 1.2Can … Continue reading Tool Release – ScoutSuite 5.10

Conference Talks – September 2020

This month, NCC Group researchers will be presenting their work at the following conferences: Rami McCarthy, "AWS Security: Easy Wins and Enterprise Scale," to be presented at BSides Boston (Virtual - September 26 2020)Dirk-Jan Mollema, "Walking Your Dog in Multiple Forests: Breaking AD Trust Boundaries through Kerberos Vulnerabilities," to be presented at Black Hat Asia … Continue reading Conference Talks – September 2020

The Extended AWS Security Ramp-Up Guide

On November 25th, AWS released the Ramp-Up Learning Guide for AWS Cloud Security, Governance, and Compliance. The Security Ramp-Up is a curated list of educational AWS resources. The goal is "to teach in-demand cloud skills and real-world knowledge that you can rely on to keep up with cloud security, governance, and compliance developments and grow … Continue reading The Extended AWS Security Ramp-Up Guide