A document which helps defenders identify focus areas for securing their CI/CD ecosystem. It is the result of extensive research into attack vectors associated with CI/CD, and the analysis of high profile breaches and security flaws.

Using Serverless AWS Step Functions To Accelerate FedRAMP Moderate ATO.

A simple Lambda that monitors your CloudTrail log files to find manual actions taken in your accounts.

How to prevent Terraform supply chain weaknesses across code and delivery pipelines with Checkov.

How to secure your software supply chain by applying some SLSA requirements in your GitHub actions workflows.

A framework which aims to facilitate automated steps for incident response and forensics based on the AWS Incident Response White Paper.

Article exploring and testing Defender for Containers against a vulnerable environment and see what it can detect or prevent.

How to use Kyverno and OPA to mitigate CVE-2022-0811, a new CRI-O vulnerability which allows a container escape.

Azure Hybrid Workers can be configured to use Automation Account "Run as" accounts, which can expose the credentials to anyone with local administrator access to the Hybrid Worker. Since "Run as" accounts are typically subscription contributors, this can lead to privilege escalation from multiple Azure Role-Based Access Control (RBAC) roles.

A VS Code plug-in that generates AWS IAM policies from your code.

Iterate through all the available projects in your GCP Organization and find those Compute Engine Instances that can access other instances.

A non-interactive daemon for host management. You can also refer to the companion blog post.

A Prometheus exporter to monitor x509 certificates expiration in Kubernetes clusters or standalone.

Leapp is the DevTool to access your cloud.

AWS Lambda now supports the aws:PrincipalOrgID condition key in resource-based policies. Customers can use resource-based policies for Lambda functions including specific version or alias to grant usage permissions for other AWS accounts or AWS services.

How to configure federation with Google Workspace if you are using AWS IAM federation.

How to deploy a solution into your AWS account that enables you to simply attach manual evidence to controls using AWS Audit Manager.

Introducing Community Security Analytics, an open-source repository of queries for self-service security analytics to help you get started analyzing your Google Cloud logs and detecting potential threats to your workloads & data.

Microsoft announced the preview of Azure Private Link support for Azure API Management service. With Azure Private Link we can create a private endpoint for the gateway component, which will be exposed through a private IP within your virtual network.