A deep-dive into how Figma built a system for securing internal web applications that lets them require SSO authentication, enforce fine-grained authorization (via Okta groups), and support CLI tools, all using ALBs, AWS Cognito, and Okta.

Part 2 of the "Threat Hunting with Kubernetes Audit Logs" series, which explains how to use the MITRE ATT&CK framework to hunt for attackers in your Kubernetes audit logs.

What is AWS Firewall Manger and how can it help you secure your organization?

A series of free interactive security training modules that teach developers how to identify and mitigate security vulnerabilities in their AWS-hosted cloud applications.

Post taking a closer look at the "aws:CalledVia*" and "aws:ViaAWSService" keys, and how you can use them to achieve least privilege.

Walk through a graphical explanation for how SCPs function and provide an approach for following AWS's design in applying least privilege in an ever increasing way.

Guide which aims to help prioritize and implement a security posture that meets your organization's needs while taking advantage of all the benefits of GKE.

Post examining GCP services like OS Login and Identity-Aware Proxy (IAP), and showing how they can be used as an alternative to bastion hosts.

How to add and use encrypted secrets in custom Helm charts.

A technical update on how Sigstore is integrating The Update Framework into the Sigstore projects and infrastructure.

Test if your Kubernetes cluster is deployed securely as defined in NSA's Kubernetes Hardening Guidance.

Think of it as a swiss army knife for Kubernetes tasks.

Cloud Katana is a cloud native tool developed from the need to automate the execution of simulation steps in multi-cloud and hybrid cloud environments.

This script will crawl your entire GCP Organization and inform you of any API keys over 90 days that need to be rotated.

Post discussing the benefits of using an attribute-based access control (ABAC) strategy and describing how to use ABAC with AWS Single Sign-On (AWS SSO) when you're using Okta as an identity provider (IdP).

Post outlining common free trial abuse attack vectors and presents prevention techniques. It also shows how to incorporate Amazon Fraud Detector into your architecture to catch free trial abuse faster and more frequently.

AWS customers can use ED25519 keys to prove their identity when connecting to EC2 instances. ED25519 is an elliptic curve based public-key system commonly used for SSH authentication.

Using AWS CodeBuild, you can now share both the logs and the artifacts produced by CodeBuild projects. This blog post explains how to configure an existing CodeBuild project to enable public builds.

Change Manager, a capability of AWS Systems Manager, now allows you to specify AWS Identity and Access Management (IAM) role as approvers for change requests and change templates.

Collect and preserve vital evidence for the digital forensic process while the incident response team resolves an incident.

View contextual Monitoring data in your GKE log lines. Easily see the relevant pod, node and cluster events and metrics for your pod.

Post highlighting several best practices for security practitioners and platform teams to use with setting-up, configuring, deploying, and operating a security-centric infrastructure for their organization.

Backup, high availability, and replication all play key roles in making your applications fault-tolerant.

The financial industry is looking at the cloud as a key technology that can improve performance across a broad range of activities.

In this review, the Azure DDoS Protection team shares trends and insights into DDoS attacks they observed and mitigated throughout the first half of 2021.

Microsoft announced the general availability of Azure Government Top Secret, committing to bring commercial innovation to government customers across all data classifications.

Microsoft introduced a new API endpoint which allows to manage Azure Sentinel instances seamlessly on a workspace through the API. The endpoint provides a single source of truth for performing the different operations required for a complete creation/deletion (aka onboarding/offboarding) of Azure Sentinel on a workspace.