A number of organizations (like AWS) announced the release of the Open Cybersecurity Schema Framework (OCSF) project, which includes an open specification for the normalization of security telemetry across a wide range of security products and services, as well as open-source tools that support and accelerate the use of the OCSF schema.

How Wiz Research uncovered multiple related vulnerabilities in PostgreSQL-as-a-Service offerings from GCP, Azure, and others.

Post detailing a few ways to abuse some of the most popular source code management systems to perform various attack scenarios, like: reconnaissance, manipulation of user roles, repository takeover, pivoting to other DevOps systems, user impersonation, and maintaining persistent access.

How to manage Route53 hosted zones in a multi-account environment so each account has full authority over its subdomain.

A guide through the introductory steps to configure contacts for an AWS account & secure the root user.

This post explains how Monzo scaled their detection rules using Sigma.

There are several ways to create a data fetching mechanism for OPA - each of them has its pros and cons.

While Domain Controllers might not be something that new organizations, those born in the cloud, would rely on today, it seems common for most existing organizations that seek to migrate.

Terraform Sentinel policies are now available in the Terraform Registry so you can publish policies you want to share and search the Registry for policies you need.

Simple message routing system that receives input messages through a webhook interface and can enforce actions using predefined outputs via integrations.

Add digests to container and init container images in Kubernetes pod and pod template specs. Use either as a mutating admission webhook, or as a client-side KRM function with kpt or kustomize.

Find AWS resources that are not logging, and turn them on.

Monkey365 provides a tool for security consultants to easily conduct Microsoft 365, Azure subscriptions and Azure Active Directory security configuration reviews.

How to enroll your existing AWS accounts and accounts within the unregistered OUs in your AWS organization under AWS Control Tower programmatically.

It is now possible to view and update primary contact information on their AWS accounts using AWS CLI and AWS SDK.

Three solution architecture patterns that prevent unauthorized clients from gaining access to web application backend servers.

SCP examples that relate to three well-architected pillars: operational excellence, security, & cost management.

How to delegate AWS Control Tower's Account Factory to a specific part of your AWS estate. This enables and empowers local teams to create accounts while providing assurances that best practices and foundational baselines are adhered to.

A bird's eye view of authentication options in Google Cloud.

Data export rules in Azure Monitor log analytics can now be configured and managed directly via Azure Portal with ease.

Easily integrate secrets stores into your Azure Kubernetes Service (AKS) so you can securely access your secrets via the container's file system.