How Revolut uses a custom system to scale and improve their continuous security scanning.

A post that describes the Brex Detection and Response Team's approach to managing and automating security alerts at scale.

How Pinterest enforced the use of managed and compliant devices in their Okta authentication flow, using a passwordless implementation, so that access to their tools always requires a healthy Pinterest device.

Post explaining AWS Cognito User Attributes tampering and introducing a free lab to experiment with.

GitHub Container Registry (GHCR) had an information leak bug, where names of private repos were exposed. Here's the background on how it was reported and fixed.

A recap on privilege escalation and powerful permissions in Kubernetes and an analysis of the ways various platforms have addressed it.

Learn how to improve cluster security with user namespaces, a new feature introduced in Kubernetes v1.25.

How to stand up a Sigstore deployment on your own infrastructure on Kubernetes so that you will be able to take advantage of the benefits and the assurance of not exposing sensitive resources.

Learn how you can leverage Terraform and GKE or EKS to provision identical clusters for development, staging and production environments with a single click.

Ancestry tracking for HCP Packer provides visibility into image dependencies across your cloud environment for image lifecycle management.

Take automated actions on your Security Command Center findings.

Exploiting and Securing Jenkins Instances at Scale. You can also refer to the companion blog post.

Ddbsh is a simple CLI for DynamoDB modeled on isql, and the MySQL CLIs.

The Cryptographic Computing for Clean Rooms (C3R) encryption client and SDK provide client-side tooling which allows users to participate in AWS Clean Rooms collaborations leveraging cryptographic computing by pre- and post-processing data.

The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program that facilitates the creation and enablement of secure EKS Clusters.

AWS Lambda is announcing runtime management controls which provide more visibility and control over when Lambda applies runtime updates to your functions.

The finding groups feature reduces triage time and provides a clear view of related GuardDuty findings. With finding groups, you can investigate entities and security findings that might have been overlooked in isolation.

How to use Docker to develop, deploy, and run applications by using the CloudHSM SDK, and how to manage and orchestrate workloads by using tools and services like ECS, EKS, and Jenkins.

How to use Amazon CloudWatch to monitor and analyze AWS WAF activity using the options in CloudWatch metrics, Contributor Insights, and Logs Insights.

How to privately connect to Cloud SQL from a remote network using PSC.

Policy Controller enables the enforcement of programmable policies for Anthos clusters. This blog is for introducing new features launched for ACM - Policy Controller.

How to protect against common API-based vulnerabilities, as identified by the OWASP API Security Top 10 threats, using Azure API Management.

Microsoft extended migration period for IaaS VMs from Azure Service Manager to Azure Resource Manager up to the 1st of September 2023.

Application security groups (ASGs) support for private endpoints is now generally available.