Tips from the Figma security team to help other teams secure Systems Manager and protect their most sensitive data.

Microsoft recently mitigated a vulnerability reported by a security researcher in the Azure Container Instances (ACI) that could potentially allow a user to access other customers information in the ACI service. Microsoft's investigation surfaced no unauthorized access to customer data. You can also check the original post disclosing the vulnerability and another that explains What to do? to address it.

Talk exploring serverless open source tools and other cloud-native options that allow you to automate your cloud security without the need for human interaction.

mTLS is a hot topic in the Kubernetes world, especially for anyone tasked with getting "encryption in transit" for their applications. But what is mTLS, what kind of security does it provide, and why would you want it? This guide walks through exactly what mTLS is, how it relates to ordinary TLS, and why it's relevant to Kubernetes.

Visualize Kubernetes cost calculations in an interactive way.

A collection of resources and notes useful for pentest and red team engagements against Azure.

A a deep dive into Elastic Infosec team's architecture, the many sources of data collected for security uses, how and why cross-cluster search is used, and how to configure Elastic Security and machine learning to work with cross-cluster search.

Auto-Config is a highly scalable method to distribute secure properties and other configuration settings to all Consul agents in a datacenter.

Post covering the features of the security profile operator and how to use it.

If you want to switch from classic CI/CD environments to GitOps, then you can choose from any of a large number of available tools. However, it is not always easy to tell which features they support and how suitable they are for your project at first glance. This article provides help in making a decision.

How to apply GitOps on multiple private Kubernetes cluster with a single Argo CD installation.

go-discover is a Go (golang) library and command line tool to discover ip addresses of nodes in cloud environments based on meta information like tags provided by the environment.

An add-on solution that works with AWS Security Hub to provide a ready-to-deploy architecture and a library of automated playbooks.

A tool for building container images within your Kubernetes cluster.

A tool for creating multi-node Kubernetes clusters on a Linux machine using kubeadm & systemd-nspawn.

Just added a page to CloudSecDocs providing a summary of the "Building an AWS Perimeter Whitepaper" released in July 2021.

Two architecture design options, which collect Security Hub findings across Regions. You can make these findings searchable, and build multiple visualization dashboards using analytics and BI Tools in order to gain insights.

Post reviewing the latest S3 features and AWS services that you can use to help secure your data in S3, including organization-wide preventative controls such as SCPs.

How to automatically detect anomalies in the AWS WAF metrics to improve your visibility into AWS WAF activity, identify malicious activity, and simplify your investigations.

How to set up a modified multi-Region DR strategy that uses one Region and AWS Outposts to ensure the resiliency of your workload and address data residency requirements.

Currently Network Intelligence Center has four modules: Network Topology, Connectivity Tests, Performance Dashboard, and Firewall Insights.

Post going over GCP's new CA Service in a practical way by using infrastructure as code to deploy a demo.

Google Cloud Asset Inventory is a service that allows you to view, monitor, and analyse your GCP assets, giving you the option to export a snapshot of your entire inventory at any point of time.

Learn the cluster operator best practices for isolation in Azure Kubernetes Service (AKS).

The ADX Health Playbook compares the number of logs in your Azure Sentinel tables and ADX tables periodically and sends you a warning via email if it detects a difference in the number of logs that may require your attention.

ASDET provides a security analyst a complete set of tools to explore any security log dataset programmatically instead of manually.

Post exploring the new "Alert enrichment" in Azure Sentinel Analytics and giving a deep dive into the "Alert details" dynamic content ability.