As CI/CD pipelines become more prevalent, their attack surface and abuse are being leveraged more and more by advanced red teams and real-world APTs.

This article is aimed at engineers who need to deploy their code using Kubernetes, but have no idea what Kubernetes is or how it works.

Whether you run Kubernetes yourself or use a managed provider like GKE, EKS, or AKS, certain events are worth investigating: successful authorisation of an anonymous request, default service account bound to privileged cluster role, and Pod created with an unusual image.

The evolution of network perimeters in modern cloud environments as well as some best practices for securing them.

Knowing how security groups & NACLs work together is extremely important for controlling network traffic to your instances & subnets.

Without a doubt security tools are very helpful in automating security checks, but they should be treated as a complement only, and never as a replacement for the assessor.

The Sigstore community announced the general availability of their free, community-operated certificate authority and transparency log services. In addition, two of Sigstore's foundational projects, Fulcio and Rekor, published v1.0 releases denoting a commitment to API stability.

An overview of the most common ways to use HashiCorp Vault and Kubernetes together, and a preview of a new method HashiCorp is considering.

Trivy, now supporting NSA compliance guideline, lets you outline reports to curate hundreds of checks for different components and configurations.

Get notified when users are taking actions in the AWS Console.

A simple Terraform configuration to create and manage GitGuardian Canary Tokens.

A handy way to troubleshoot containers lacking a shell and/or debugging tools (e.g., scratch, slim, or distroless).

Are you tired of clicking around in Microsoft portals to get to a blade?

Use the AWS Cloud Control API to list resources that are present in a given AWS account and region(s).

Amazon announced the availability of improved AWS Well-Architected Framework content. In this update, they changed all six pillars of the framework: Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Sustainability.

IAM Access Analyzer now supports six additional resource types: SNS topics, EBS volume snapshots, RDS DB snapshots, RDS DB cluster snapshots, ECR repositories, and EFS file systems.

Google introduced Sensitive Actions, a new way to understand user account behaviour. They are changes made in a Google Cloud environment that are security relevant, and therefore important to be aware of and evaluate.

How, where and when pricing is incurred in Cloud Logging, Google's observability solution to manage Logs?

The new interface for the Google Kubernetes Engine can streamline security workflows and can help make it easier to follow up on security alerts.

Admins can now prevent accidental approvals in Microsoft Authenticator with number matching, location context, and application context.

ABAC for Azure Storage Blobs, ADLS Gen2, and queues is now generally available and can be used for access control by defining conditions on role-assignments based on resource and request attributes.