The Orca Security Research Team wrote about 2 critical zero-day vulnerabilities affecting AWS: Superglue and BreakingFormation. These vulnerabilities could've allowed unauthorized access to customer data and/or sensitive code and data within AWS.

What metrics and techniques you can use to protect your SOC against volatility, and, ultimately, burnout.

Lessons learned and insight gained from a year of modeling and engineering CI/CD graphs from the attacker's perspective.

Slides discussing scanning IaC, but also drift prevention / detection, runtime scanning, and a strategy to introduce IaC scanning in an organization.

A vulnerable "modern AWS DevOps environment" with an API, simulated user activity, and a continuous deployment pipeline.

A Twitter thread on how to get AWS Customer Support to remove MFA from your root account.

Use Azure Policy Guest Configuration to gain persistence in your target environment and how to detect such an attack as a defender.

How to use kube-state-metrics and Prometheus to monitor CronJobs.

A summary of notable features and enhancements released from the OPA team in 2021.

A script for checking if Falco drivers are available for your system.

insject is a tool for poking at containers. It enables you to run an arbitrary command in a container or any mix of Linux namespaces. You can also refer to the companion blog post.

Easy to use CLI security checks for the Heroku platform. Validate baseline security configurations for your own Heroku deployments.

A curated list of blogs, videos, tutorials, code, tools, scripts, and anything useful to help you learn Azure Policy.

Amazon announced the general availability of AWS CloudTrail Lake, a managed data lake that lets organizations aggregate, immutably store, and query events recorded by CloudTrail for auditing, security investigation, and operational troubleshooting.

Post highlighting the newest AWS security-focused workshops.

How to get started with SCPs, describe common use cases, and how to write your own SCPs.

Quick read on the difference between the Amazon Elastic Container Registry (ECR) basic vulnerability assessment and the new enhanced vulnerability management service that integrates Amazon Inspector.

CloudWatch Logs now makes it easier for AWS Organizations customers to manage CloudWatch Logs Subscription Filter destination access policies.

The role of data governance, why it's important, and processes that need to be implemented to run an effective data governance program.

Eight megatrends that actually compound the security advantages of the cloud compared with on-prem environments: Economy of scale, Shared fate, Healthy competition, Cloud as the digital immune system, Software-defined infrastructure, Increasing deployment velocity, Simplicity, Sovereignty meets sustainability.

How to use Cloud Armor to geofence a website/service running on GCP using Cloud Run, Google Cloud Storage (GCS) and the Global HTTP(S) Load Balancer.