This week's articles
Tetragone: A Lesson in Security Fundamentals
A journey through a bypass of a new eBPF-based observability and mitigation tool named Tetragon, developed in the two hours after the tool was first set up, as a hopefully instructive lesson on the importance of security fundamentals.
Automating Azure Abuse Research
A step-by-step process for automating Azure abuse research, with examples for Azure Virtual Machines and their Managed Identities.
A Review of the AWS Security Model
#aws, #defend, #strategy
AWS have released their own security maturity model, but does it stack up against what we're seeing in real-world attacks and in the approaches being suggested by the rest of the AWS security community?
A much needed style guide providing a collection of recommendations and best practices for authoring Rego.
Terraform Best Practices for Better Infrastructure Management
#build, #iac, #terraform
Post which explores different best practices for Terraform and Infrastructure as Code, analyzes various options for handling and structuring Terraform projects, and shows how adopting helper tools could make our life easier.