Equifax has released an open-source controls framework that provides security guidance for cloud-native applications. The framework includes a set of controls that are mapped to security frameworks such as NIST.

A job board for cloud security professionals that scans and compiles the best open positions, from entry level to CISO (executive).

A three-pronged approach for simulating cybersecurity incidents, which consists of tabletop exercises, red team operations, and atomic simulations.

Cloud Custodian is a powerful tool for managing and enforcing policies in cloud environments, but it can be difficult to learn and use effectively. The author shares their experiences with using Cloud Custodian, including its benefits and drawbacks, and offers tips for getting started with the tool.

A wishlist of AWS IAM feature requests: IAM Authorization Debugging, Mapping of API Calls/IAM Permissions/CloudTrail Events, SCP Audit Mode, SCP for Resources, and API Request Parameters as Condition Keys.

This article outlines the security features provided by Cloud Run, including automatic TLS encryption, secure communication between services, and integration with Cloud IAM for access control.

A look at one possible way to organize and manage a monorepo setup, which will contain multiple projects and Terraform modules, with deployments spanning across multiple targets such as AWS accounts or Azure subscriptions.

Palantir, a data analytics company, has published a report proposing a framework for secure data sharing in the European Union. The report suggests that data should be shared in a way that preserves privacy and security, while also enabling innovation. The framework includes a set of principles and best practices for data sharing, as well as recommendations for policy and regulatory changes.

This SIEM content and false positives debate is a micro instantiation of a much bigger debate: the paradox between consuming security and engineering security.

A collection of sample queries for AWS CloudTrail Lake.

Automatically provision RDS database users using SSO as a source of truth.

Prescriptive workflows that implement best practices when interacting with Terraform Cloud.

Gitlab CI/CD templates for Terraform Cloud.

Sample code and notebooks for Generative AI on Google Cloud.

This post provides an overview of trust providers and policies, then walks through a Verified Access policy for securing your corporate applications.

This post provides an overview of how to get started with RDS Protection, dives into its finding types, and walks through examples of how to investigate and remediate findings.

AWS open-sourced the Cedar policy language and authorization engine. You can use Cedar to express fine-grained permissions as easy-to-understand policies enforced in your applications, and you can decouple access control from your application logic.

AWS announced the general availability of AWS Management Console Private Access. Private Access is a new security feature that allows customers to limit access to the Console from their VPC or connected networks to a set of trusted AWS accounts and organizations.

Google Cloud has announced the launch of a new solution aimed at helping financial services companies automate regulatory reporting.

Duet AI for Google Cloud is an always-on AI collaborator that provides help to users of all skill levels where they need it.

A summary of what Google announced at Google I/O 2023.

Deploy containers to Google Cloud with GitHub Actions and Google Cloud Deploy targets - Kubernetes, Anthos, and Cloud Run.

Administrators can use the Google Cloud mobile app to manage their organization's cloud identities and access while on the go.

Microsoft's ongoing commitment to and investments in security, this time on Secure Multitenancy.

Shareable links allows users to connect to target resources via Azure Bastion without access to the Azure portal.