A paper which provides a systematic study on real-world illicit cryptomining on public CI platforms, and proposes a novel approach which suppresses the miner's revenues, rendering them unprofitable, but only has negligible impacts on the performance of CI jobs and developer productivity.

This is the AWS account that makes having lots of AWS accounts efficient and safe. It's the most important account in your organization.

How GSK set out to build a cloud platform to enable their product team to work in short cycles.

FivexL shares its outlook on AWS Security Guidelines for startups. Find out how to improve your AWS security efficiently.

Some courses (and certifications) that teach the theory of GitOps and how to apply all of these practices in your application using the Argo project family.

A workshop teaching how to deploy Network Firewall using infrastructure as code.

Because of the Azure AD authentication platform architecture, users can bypass home tenant MFA and CA policies when logging in directly to resource tenants.

A post showing an approach to store SBOMs and Provenance in an OCI registry for software release assets.

Tracee now detects suspicious behavior at runtime with an extensive data collection and rules engine with a revised signature library for an array of scenarios.

This tools uses the AWS SSO API to list all users, accounts, permission sets etc. and dumps it into a CSV file for additional parsing or viewing.

A high availability AWS NAT implementation that reduces NAT Gateway costs while limiting the increased risk of operating NAT instances.

A proof-of-concept Lambda external extension that demonstrates some techniques to inspect and modify raw event data. You can also refer to the companion blog post.

GCE Rescue is a command-line tool to boot Google Cloud Platform VMs in Rescue Mode.

Using the new AWS Resource Explorer, you can now search through the AWS resources in your account across Regions using metadata such as names, tags, and IDs.

Learn about Resource Explorer, an AWS service that lets you search for and find the resources in your AWS account.

AWS CloudTrail announces support for a delegated administrator account, which provides customers with the ability to manage organization trails and CloudTrail Lake event data stores from an account other than the management account in AWS Organizations.

Amazon announced EventBridge Scheduler, a new capability from EventBridge that allows you to create, run, and manage scheduled tasks at scale.

A sample architecture for using Traffic Director with TLS routing for workloads deployed on the GKE cluster.

GCP announced the General Availability of the GKE Gateway controller, Google Cloud's implementation of the Kubernetes Gateway API, supporting single cluster deployments, in GKE 1.24+ clusters.

Getting started with deploying your OCI artifacts and Helm charts the GitOps way with Config Sync.

This blog looks at a few examples where Cloud Armor might be a good fit.

All newly created Azure Front Door, Azure Front Door (classic) or Azure CDN Standard from Microsoft (classic) resources will block any HTTP request that exhibits domain fronting behavior.

You can now update SSH keys on existing AKS nodepools post deployment.

A series of blogs where the goal is to help shed light on when to use Defender for Cloud Apps and Purview to protect your data.

Azure Front Door now supports managed identities generated by Azure Active Directory to allow Front Door to easily and securely access other Azure AD-protected resources such as Azure Key Vault.