Blog post introducing Snare, Netflix's Detection, Enrichment, and Response platform for handling cloud security related findings. Snare is responsible for receiving millions of records a minute, analyzing, alerting, and responding to them.

All you need to learn to get started with Falco.

Blog exploring one of the key principles of Zero Trust, around authenticating and authorizing every request before a service is allowed to access a resource, and defining a simple OPA policy that demonstrates how service to service communication can be protected.

A few tips and tricks that should help anyone looking to advance their understanding of IAM.

With the release of Kubernetes v1.23, Pod Security admission has now entered beta. Pod Security is a built-in admission controller that evaluates pod specifications against a predefined set of Pod Security Standards and determines whether to admit or deny the pod from running.

How-to guide explaining how to use cosign to sign container images built in Github. You can also check the related Github Announcement.

This blog details different ways to authenticate as a service account in Terraform code using short-lived credentials.

This guide presents best practices for deciding when to use workload identity federation, and how to configure it in a way that helps you minimize risks.

An attacker can run any code on a victim's SageMaker JupyterLab Notebook Instance across accounts. This means that an attacker can access the Notebook Instance metadata endpoint and steal the access token for the attached role.

There are standard best practices for service accounts but many GCP environments lag behind in implementing these best practices. This research shown how these violations in best practices can allow attackers to chain together attack steps to gain broader access to resources in a GCP environment.

A list of security mistakes made by Cloud Service Providers (AWS, GCP, Azure). Includes CVEs, SOC 2 Type 2 failures, security researchers compromising managed services, and more.

A standalone exporter for vulnerability reports and other CRs created by Starboard.

The S3 console now reports security warnings, errors, and suggestions from Identity and Access Management (IAM) Access Analyzer as you author your S3 policies. The console automatically runs more than 100 policy checks to validate your policies.

The best way to run Terraform on Google Cloud is with Cloud Build and Cloud Storage. This article explains why, covering scale, security and compliance.

Google announced the general availability of Cloud IDS. This core network security offering helps detect network-based threats and helps organizations meet compliance standards that call for the use of an intrusion detection system.

With GitHub's introduction of OIDC tokens into GitHub Actions Workflows, you can authenticate from GitHub Actions to Google Cloud using Workload Identity Federation, removing the need to export a long-lived JSON service account key.

Take multi-disk consistent point in time snapshots of all the disks attached to a VM for backup and disaster recovery purposes.