OpenCSPM is an open-source platform developed by Darkbit that aims to make continuous cloud security posture assessments of cloud environments a practical reality for security and compliance teams alike. It offers a unique approach to manage the firehose of security and compliance check results that even modest AWS and GCP environments can surface, and its control definitions allow for simple yet powerful levels of introspection of its graph data model.

Curiefense is a free, open-source, web security platform that extends Envoy Proxy to include WAF, Bot Management, application-layer DDoS, & more.

High-level post reviewing logging and visibility options offered by AWS and GCP, and discussing blind spots and how to eliminate them.

This release features Integrated Storage enhancements, a new Key Management Secrets Engine, Transform Secrets Engine updates, and more.

Terraform 0.14 allows users to define values as "sensitive", making it easier to redact sensitive information in Terraform workflows.

How the Auth0 Deploy CLI and GitHub Actions can be used to export the configuration of your environment and then import this same configuration on your other environments.

How to monitor coreDNS: how to get metrics out of it, and what to look for.

How to use GCP's Identity-Aware Proxy (IAP) to establish secure RDP, SSH, and VNC connections to VMs on GCE that don't have a public IP or VPN connectivity.

Walkthrough covering the CloudGoat attack simulation "ecs_efs_attack", teaching how to pivot through AWS Elastic Container Service and gain access to AWS Elastic File Share.

Collection of tiny Terraform modules that can be used to do dangerous things in a CI/CD pipeline.

Tutorial walking through provisioning some VMs on GCP so to kick the tires on Cmd, an utility to track and control users in production.

AWS announced the general availability of AWS Gateway Load Balancer (GWLB), a service that makes it easy and cost-effective to deploy, scale and manage the availability of third-party virtual appliances such as firewalls, intrusion detection and prevention systems and deep packet inspection systems in the cloud.

Get started with AWS Nitro Enclaves. From EC2 instances, you can create isolated execution environments that are separate, hardened VMs.

You can now send logs from AWS Lambda functions directly to a destination of your choice by using AWS Lambda Extensions. It is currently possible to use extensions that send logs to the following providers: Datadog, New Relic, Sumo Logic, Honeycomb, Lumigo, and Coralogix.

Amazon added the possibility to deploy container-based workloads on Lightsail. You can now deploy your container images to the cloud with the same simplicity and the same bundled pricing Amazon Lightsail provides for your virtual servers.

It is now possible to use your own encryption keys for secrets stored in GCP SecretManager with CMEK.

Google open sourced a project called grpc-health-probe, a command-line tool to assess health of a gRPC server.

Post discussing some redundancy mechanisms you can employ to ensure that Cloud DNS is always available to handle your DNS requests.

How to use Azure Data Explorer (ADX) as a secondary log store.