Post intended to help those already familiar with the principles of Incident Response to understand what to do when the incident involves the AWS Control Plane.

Post describing some ways to implement a quarantine pattern for container images or other artifacts stored in OCI registries.

Some AWS IAM interview questions to help understand how much an engineer might know about AWS IAM, and how to apply it.

Post describing the system signal and live reload methods for updating Kubernetes applications when secrets change.

The SLSA community announced that they're adding a new tool to generate provenance documents for projects developed in any programming language, while keeping your existing building workflows.

A thorough introduction to Istio, showing what it does under the hood.

How SMTP matching can be abused to obtain privileged access via eligible role assignments, and how to prevent it.

Second part of a series, this time focusing on how to use the BloodHound Attack Research Kit (BARK) to perform so-called "continuous abuse primitive validation".

Devbox is a command-line tool that lets you easily create isolated shells and containers. You start by defining the list of packages required by your development environment, and devbox uses that definition to create an isolated environment just for your application.

A command line tool that validates AWS IAM Policies in a Terraform template against AWS IAM best practices.

Burp Extension for AWS SigV4 Signing.

kconnect is a CLI utility that can be used to discover and securely access Kubernetes clusters across multiple operating environments.

Common use cases for service control policies (SCPs) in AWS Organizations & how to use them to build preventive controls.

You can now use SNS to subscribe to the new Security Hub Announcements topic to receive updates about new Security Hub services and features, newly supported standards and controls, and other Security Hub changes.

How to set up an allow list in Macie and run a Macie scan that uses the allow list to ignore the specified values when creating sensitive data findings.

How to put policies and guardrails in place that will allow your organization to grant IAM permissions to builders.

Infrastructure continuous compliance can be achieved thanks to Google Cloud's open and extensible architecture, which uses Security Command Center and open source solutions.

As the threat landscape continues to evolve, government leaders need partners that can provide in-depth security to help protect, detect, and mitigate security breaches.