Post examining the supply chain aspects of Terraform, starting with a closer look at malicious Terraform modules and providers and how you can better secure them.

Security detection programs face significant scaling challenges. This post shares Palantir's learnings and suggests actionable detection strategies.

Tracking who has access to what information and why, across thousands of datasets and users, is an intractable challenge. Here's how Palantir solved it.

The 2022 State of Secrets Sprawl report measures the exposure of secrets within GitHub, Docker and internal repos and how it is evolving year to year.

How to install and run the Atomic Red Team environment on a Kubernetes system for testing Falco rules.

Presentation covering the key concepts of Pod Security along with how to use it walking through practical examples.

Dockerfile best-practices for writing production-worthy Docker images.

Post discussing the root causes of cloud squatting from an IT practitioner's perspective, and demonstrates the steps companies can take to harden their infrastructure.

SBOMs do not need to look the same to validate the artifacts described in them. As long as the data inside is correct you should be able to do it.

How to run your application in a production environment and control traffic flow in your Kubernetes cluster using network policies.

Easy alert enrichment for overworked security teams. You can also refer to the companion blog post.

Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic.

Stratus Red Team now supports Azure!

Exit if environment variables known to be used as access tokens are set.

Article describing the integrations required across AWS Control Tower and AWS SSO to implement a break-glass mechanism that makes access reporting publishable to system operators as well as to internal audit systems and processes.

How to use AWS Key Management Service (AWS KMS) RSA public keys on end clients or devices and encrypt data, then subsequently decrypt data by using private keys that are secured in AWS KMS.

Permissions boundaries are IAM features that help your centralized cloud IAM teams safely empower your application developers to create new IAM roles and policies in AWS.

How AWS CloudTrail Lake makes it easier to query all of the AWS CloudTrail management events and leverage the "tlsDetails" field to identify connections to AWS service endpoints below TLS 1.2 and 1.3.

Starting with GKE v1.25, you will need to download and use a new kubectl plugin called "gke-gcloud-auth-plugin" to authenticate to GKE.

You can now browse for Microsoft artifacts and container images on the Microsoft Artifact Registry website.