Blog

Community Newsletter - September 2024

Vignesh Selvaraj
Vignesh Selvaraj
October 8, 2024
Community Newsletter - September 2024

Hey everyone! Vignesh here with the latest tech update. If you want to contribute to what we're building or would like more regular weekly updates, please join our Slack community or follow us on Twitter!

Free Trial

We now offer a free trial of Common Fate for 30 days. During the trial period, our Core Team is on hand to help your team get set up and test out the platform. If you’d like to get started, click here.

Granted Browser Extension

We’ve just released a new browser extension for Granted which makes authenticating to AWS IAM Identity Center faster and more secure. The extension protects users from being phished for AWS credentials. The extension works in all Chromium-based browsers and requires Granted version 0.35 or later. To get started with the extension, install Granted and then install the extension here.

Cedar for authorization in Common Fate

Chris discussed how we use Cedar for authorization in Common Fate at fwd:cloudsec EU 2024. The recording for his talk can be found here and the slide deck can be found here.

What is Policy as Code?

PaC is the practice of managing and enforcing organizational policies through code, allowing teams to define rules and compliance requirements in a programmable format. This approach not only enhances automation but also reduces human error, ensuring that security policies are consistently applied across all environments. Check out Rowan Udell’s blog post on PaC here.

Zero Standing Privilege (ZSP)

Common Fate implements ZSP rather than standing access which is very tempting for potential attackers because not all credentials are created the same. The act of requesting time-limited permissions gives an additional layer of security on top of the usual authentication mechanisms, like strong passwords and multi-factor authentication (MFA). Read more about ZSP vs Static access here.

Common Fate v2.6

We have made some UI changes to our web console which includes improved requests viewing experience, improved integration managements and improvements to RDS proxy. For a comprehensive list of changes, please visit our changelog.

Granted Updates

Version 0.35.0 adds support for the new Granted browser extension for Chrome, which confirms the user code automatically when logging in to AWS IAM Identity Center.

In our ongoing commitment to enhancing Granted, we're excited to share additional updates:

Your voice shapes our tools. We value your feedback, suggestions, and ideas, so please don't hesitate to get in touch.

Until next time,

The Common Fate Team

Share this post
Vignesh Selvaraj
Solutions Architect