Learn about the first four threat vectors in Kubernetes: initial access, execution, persistence, and privilege escalation.

All the free trainings (with and without certificates) released from different companies supporting CNCF Projects and Kubernetes.

Design patterns for building reliable, scalable, secure applications in the cloud by walking through examples based on Microsoft Azure.

A nice approach to verifying container image (im)mutability using a transparency log, which allows to verify if a tag has changed since the last time it was seen.

More ways to compromise Kubernetes via a publicly exposed service. This time it's Prometheus.

Detecting cybersecurity threats in the cloud is different from on-premises. Here's why.

This blog post explains three vulnerabilities detected in the AWS IAM Authenticator where all of them were caused by the same code line.

This blog explores the main concepts behind eBPF technology and provides step by step instructions on how to build your own eBPF-based traffic capturing tool.

Datadog announced the "Datadog Security Labs", a new dedicated place for their security research content. It will host the release of new open source tools, research projects, emerging threat reports, deep dives, telemetry studies, and more.

Open-source proof-of-concept client for AWS IAM Roles Anywhere.

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Gitleaks is a SAST tool for detecting and preventing hardcoded secrets like passwords, api keys, and tokens in git repos.

A cheatsheet around SLSA, explaining threats, levels, requirements, and implementations.

GuardDuty introduces new machine learning capabilities that can more accurately identify malicious activity associated with known attack tactics, including the following: Data discovery, Tampering, Exfiltration.

AWS will now send you an MFA key to help secure your account.

Self-service solution to capture and examine data from EC2 instances and attached volumes for forensic analysis in the event of a potential security breach.

The new Batch managed service manages job queues, provisions and autoscales resources, runs jobs, executes subtasks, and deals with common errors.

By "shifting left", identifying cloud-related misconfigurations earlier, organizations can improve the quality of their products and lower their security costs.

Moving to the cloud comes with the fundamental question of how to effectively manage security and risk posture. From a Security Operations (SecOps) perspective, there are few core requirements that you may need for effective security and risk management in the cloud. Here are four big ones that are essential for SecOps.

The Azure Developer CLI provides developer-friendly commands that map to key stages in your workflow: code, build, deploy, monitor, repeat.