This week's articles
The SOC2 Starting Seven
Good post about getting the basics right: 7 things you can do now that will simplify SOC2 for you down the road while making your life, or at least your security posture, materially better right away.
Dangers of HostPath PersistentVolumes
This post discusses some dangers that arise when using HostPath PersistentVolumes, which cannot be secured by operators and can result in Pod escapes.
Disaster Tolerance Patterns Using AWS Serverless Services
Post sharing the experiences and lessons gathered while embracing disaster tolerance using serverless. Key point: you should really design your cloud architectures for disaster tolerance from the start (even if doing so is counterintuitive by lean principles).
7 Ways AWS Can Fix its Public S3 Bucket Problem
While it's true that AWS has done a lot in the past year to improve S3 bucket security, for some reason we’re still seeing breaches occur with a regular cadence. This post proposes some additional suggestions.
The Open-Source AWS Cyber Range
This project provides a bootstrap framework for complete offensive, defensive, reverse engineering, and security intelligence tooling in a private research lab using the AWS Cloud. It contains vulnerable systems and a toolkit of the most powerful open-source / community edition tools known to penetration testers.