GitHub Actions is phenomenal in many aspects. But its commonality can make it a target for bad actors. Here's how Tinder Security Labs detects security risks and what they recommend to identify potential vulnerabilities in workflows.

Post exploring VPC Service Controls through an example of a common use case of VPC Service Control perimeters, deep dive on some key concepts, and learn how to automate administration with Terraform.

Understand container security challenges and learn about critical container security best practices, such as securing images, registries, etc.

Google Groups deliver some unauthenticated emails to user inboxes which puts group members at a higher risk of receiving spoofing and malicious emails and presents additional risk to the organization.

Using Sigstore Cosign, Trivy, GitHub Actions, and Kyverno to attest and verify continual vulnerability scans in container images run under Kubernetes.

Tales from a recent pentest of a product hosted on the AWS cloud backed by Kubernetes (EKS) and a whole lot of secure design goodness that withstood attack attempts.

IAM-Deescalate helps mitigate privilege escalation risk in AWS IAM. You can also refer to the companion blog post.

The policy-controller admission controller can be used to enforce policy on a Kubernetes cluster based on verifiable supply-chain metadata from cosign.

A vulnerable-by-design Azure Lab to test your red team attacking and blue team detecting capabilities, from Mandiant.

For current AWS SSO customers, there is no change to how you centrally manage access to multiple AWS accounts or applications. The name change reflects the service capabilities, foundation in AWS Identity and Access Management (IAM), and role as the central place to manage access across AWS.

Amazon GuardDuty Malware Protection is now available, in Amazon GuardDuty, to help detect malicious files residing on an instance or container workload running on Amazon Elastic Compute Cloud (Amazon EC2) without deploying security software or agents. Amazon GuardDuty Malware Protection adds file scanning for workloads utilizing Amazon Elastic Block Store (EBS) volumes to detect malware that can be used to compromise resources, modify access permissions, and exfiltrate data.

AWS Security Hub now automatically receives Amazon GuardDuty Malware Protection findings. Amazon GuardDuty Malware Protection delivers agentless detection of malware on your Amazon Elastic Cloud Compute (EC2) instance and container workloads.

When you have GuardDuty Malware Protection enabled, a malware scan is initiated when GuardDuty detects that one of your EC2 instances or container workloads running on EC2 is doing something suspicious.

AWS announced new capabilities in Amazon Detective to expand security investigation coverage for Kubernetes workloads running on Amazon EKS. When you enable this new feature, Amazon Detective automatically starts ingesting EKS audit logs to capture chronological API activity from users, applications, and the control plane in Amazon EKS for clusters, pods, container images, and Kubernetes subjects (Kubernetes users and service accounts).

A new capability in Macie that allows for one-click, temporary retrieval of up to 10 examples of sensitive data found in S3 by Macie.

A new Organization page in AWS Control Tower with a hierarchical view of all Organizational units (OUs) and accounts. Customers now have the ability to view, group, and manage their entire organizational structure through a single page.

Metrics can be a vital asset - or a terrible failure - for keeping organizations safe. Follow these tips to ensure security teams are tracking what truly matters.

This article is trying to answer one simple question: When deciding on how to use DNS with GKE, what are the available native k8s options, which options exist on Google Cloud, and how do these two things play together?

New password validation for Cloud SQL for PostgreSQL and MySQL local users simplifies password management and can help better secure databases.