This week's articles
The road to zero trust is paved with good intentions
Where is your organization really in your zero trust journey, and how much further do you have to do? Implementing a true zero trust architecture is more aspirational than achievable.
#defend
#process
#strategy
The many ways to obtain credentials in AWS
Post exploring how AWS services provide IAM credentials, and teaching key risks and detection strategies to secure your cloud environment against credential misuse.
#aws
#defend
#iam
Escalating privileges to read secrets with Azure Key Vault access policies
Azure Key Vault Contributors are not allowed access to Key Vault keys, certificates, and secrets. But did you know they can still gain access to this sensitive data? This post will cover a privilege escalation vector to access data in key vaults using the access policy permissions model.
#attack
#azure
Announcing OPA 1.0
After nearly 10 years, OPA reached version 1.0. The new version introduces mandatory syntax changes, including the use of if for rule definitions and contains for multi-value rules.
#announcement
#opa
|