This week's articles
Inside Figma: securing internal web apps
#aws, #build, #defend
A deep-dive into how Figma built a system for securing internal web applications that lets them require SSO authentication, enforce fine-grained authorization (via Okta groups), and support CLI tools, all using ALBs, AWS Cognito, and Okta.
KONTRA's AWS Top 10
#attack, #aws, #defend, #explain
A series of free interactive security training modules that teach developers how to identify and mitigate security vulnerabilities in their AWS-hosted cloud applications.
The Unofficial GKE Security Guide
#gcp, #gke, #kubernetes
A guide that aims to help you prioritize and implement a security posture that meets your organization's needs while taking advantage of all the benefits of GKE.
Leaving Bastion Hosts Behind
#defend, #design, #gcp
A post examining GCP services like OS Login and Identity-Aware Proxy (IAP) and showing how they can be used as an alternative to bastion hosts.