Really interesting table top exercises designed to start a conversation. Although they are focused towards AWS and not all of them will be applicable to every environment, I highly recommend to try them with your monitoring team.

How to write secure Dockerfiles, and how to automate security checks as codified policies and validate them against the Dockerfiles to identify potential security risks before deploying them into production.

A guide for configuring new AWS accounts with an emphasis on security, including customizable templates.

How to choose a technology for exposing your Lambdas, how to get free and secure TLS/SSL certificates from AWS, and how to separate authentication and authorization logic from your business logic with custom authorizers.

Learn about the pros and cons of using mono repositories and multi repositories along with the most logical use case for each.

Using AWS CloudShell is now probably the easiest an quickest way to run Prowler in your AWS account.

Deep dive on API Gateway access logs that covers just about everything you need to know on the subject, including: a deep dive on the fields to log, going from APIGW request to Lambda function logs, and avoiding common pitfalls.

Post covering the latest HashiCorp Boundary and Kubernetes integration and the access problems it solves.

HCP Consul is now generally available on AWS. HCP Consul is a fully managed service mesh to discover and securely connect any service.

Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks.

This repository contains a PowerShell module for detecting artifacts that may be indicators of UNC2452 and other threat actor activity.

List Okta account access to AWS IAM roles.

Including support for cross-account sensitive data discovery, scanning by Amazon S3 object prefix, improved pre-scan cost estimation, and added location detail in findings.

AWS PrivateLink provides private connectivity between S3 and on-premises resources using private IPs from your virtual network.

Google just launched On-Demand Scanning on GCP: it is now possible to scan local container images for vulnerabilities in your terminal as well as images already pushed to Container Registry and Artifact Registry.

Google announced VM Manager, a suite of infrastructure management tools to simplify and automate the maintenance of large fleets of Compute Engine VMs.

How to use Organization Policies for restricting public IPs of VMs, VPN Gateways, Load Balancers, and GKE.

Three patterns where keeping the keys off the cloud may in fact be truly necessary or outweighs the benefits of cloud-based key management.

Step by step walkthrough covering how to integrate and centralize your security response in Azure Sentinel with PagerDuty.