How to leverage Cartography to detect, identify, categorize, and visualize all the assets being deployed in your estate. (Disclaimer: I wrote this post!)

A Guided Walkthrough Guide to help you create your own Kubernetes environment so you can take on the role of two attacking personas looking to make some money and one defending persona working hard to keep the cluster safe and healthy.

In order to take full advantage of compromised Docker registries, NCC Group has developed go-pillage-registries. This repository contains a tool called pilreg, which provides a pentester-focused interface for these registries. pilreg allows attackers to easily enumerate images stored in a registry in order to obtain their metadata and filesystems.

Classic supply chain attack: malicious code can be inserted into any GitHub action, even those which are tagged. Instead of checking out a branch or a tag (both are not safe), you could use a commit hash instead.

Preflight Packages are a very thin wrapper around OPA's policies. A package is made of Rego files (OPA's high-level declarative language) and a Policy Manifest. The Policy Manifest is a YAML file intended to add metadata to the rules, so the tool can display useful information when a rule doesn't pass.

Learn how to get multiple Vault clusters up and running on Kubernetes in a few clicks with Terraform.

VirusTotal released a set of changes and improvements to their VirusTotal Graph, which aims to provide a tool which understands the relationship between files, URLs, domains and IP addresses, and an easy interface to pivot and navigate over them. Plus, it also has an API.

Create a centralized and automated workflow that creates and validates AWS IAM policies for application teams working in various environments.

Analyze AWS WAF logs and build multiple dashboards without booting up servers.

Secret Manager is a new Google Cloud service that provides a secure and convenient method for storing API keys, passwords, certificates, and other sensitive data. Secret Manager provides a central place and single source of truth to manage, access, and audit secrets across Google Cloud.

As GKE moved from v1.12 to v1.15 over the past year, here's an overview of what security changes Google made to the platform (to improve security behind the scenes), as well as advice added to the GKE hardening guide.