A story of evolving socio-technical workflows that increased developer velocity and redefined confident testing and deploy workflows at Slack.

Lockfiles: the best investment you can make for supply chain security.

Here are nine cloud pen testing tools use by pentesters in 2022, and additional resources for enhancing your cloud pentesting skills.

The default build authorization configuration in Jenkins, controlling the permissions allocated to pipelines, is insecure and is often left unmodified in production environments.

Learn about possible attack scenarios in Infrastructure as Code and GitOps environments, evaluate tools and scanners with Terraform, Kubernetes, etc., and more.

Checklist for container security and devsecops practices.

One of the often-debated questions in AWS is whether AWS account IDs are sensitive information or not and the question has been oddly-difficult to answer definitively.

How to configure workload identity federation with Azure (OIDC-compliant IdP) so workloads running on an Azure VM can impersonate a service account to perform operations on a Google Cloud resource.

A K8s admission controller for security and operational best practices (Based on Checkov). You can also refer to the companion blog post.

API traffic viewer for Kubernetes enabling you to view all API communication between microservices. Think TCPDump and Wireshark re-invented for Kubernetes.

AWS CloudSaga is for customers to test security controls and alerts within their AWS environment, using generated alerts based on security events seen by the AWS Customer Incident Response Team (CIRT).

Granted is a command line interface (CLI) application which simplifies access to cloud roles and allows multiple cloud accounts to be opened in your web browser simultaneously.

Automated determination of which AWS services run where.

With AWS Backup for Amazon S3 now being generally available, you can centralize data protection for your application data stored in Amazon S3 alongside other AWS services for storage, compute, and databases and meet your business continuity goals.

The AWS Organizations console now allows you to centrally view and update the alternate contacts for your AWS accounts.

Post collecting security content to help you protect data, manage access, protect networks and applications, detect and monitor threats, and ensure privacy and compliance.

Amazon VPC IPAM help you plan, track & monitor IP addresses for your AWS workloads, in a single pane view, across AWS Regions & accounts in your organization.

FIDO security keys can be used to authenticate to Google Compute Engine (GCE) virtual machine (VM) instances that use OS Login service.

Extending threat detection in Security Command Center with Virtual Machine Threat Detection.

With IAM Conditions and Tags, you have powerful tools to institute finer-grained administrative and connection access control for your databases.

Some use cases for Azure Monitor.