How to design a state of the art multi-account security logging platform in GCP. (Disclaimer: I did write this post).

Super interesting writeup describing how it was possible to read anyone's GitHub Actions secrets, write to their repositories, and publish many of their packages.

Workload Identity federation allows cloud users to access GCP resources from AWS without the need for service account keys.

An introduction to GKE Workload Identity, and why it seems like a terrific way to do the right thing.

Fargate helps users offload more security responsibilities to AWS. However, user account security and application security remain crucial. Once an attacker has successfully compromised the Fargate container, it can be used as a base for lateral movement to gain more privileges or access sensitive information.

What problems AWS Access Analyzer policy checks identify and how to use them to develop secure, valid policies.

Hacking the cloud is an encyclopedia of attacks/tactics/techniques that security professionals can use in offensive engagements.

Post reviewing different misconfigurations of kubelet which could eventually open avenues to the Kubernetes cluster, as well as several effective mitigation steps.

Guide explaining the types and structure of Azure platform logs, alongside detailing key Azure platform logs to monitor.

Walk through of a few techniques that can be classified as MITRE privilege escalation, as well as of some examples of how an open-source tool like Falco can help you detect these container security attacks.

Article introducing a new feature that enhances OPA's ability to statically type check Rego code by taking into account schemas for input documents. This improves programmer productivity and helps Rego programmers catch errors earlier.

A proposal to replace PodSecurityPolicy with a new built-in admission controller that enforces the Pod Security Standards.

Container Signing, Verification and Storage in an OCI registry. You can also check the companion blog post.

Jenkins pipeline shared library for automating deployments via GitOps.

Collection of tools useful when auditing a Kubernetes cluster and its RBAC policies.

AWS added policy validation to IAM Access Analyzer, aimed to help construct IAM policies and SCPs that take advantage of time-tested AWS best practices. Validation takes place before policies are attached to IAM principals.

AWS announced the availability of S3 Object Lambda, a new capability that allows you to add your own code to process data retrieved from S3 before returning it to an application.

AWS announced the ability to "exec" into a container running inside a task deployed on either EC2 or Fargate. This new functionality, dubbed ECS Exec, allows users to either run an interactive shell or a single command against a container.

How to use AWS Network Firewall to automatically respond to potential security events within your AWS environment that are detected by Amazon GuardDuty. The goal is to rapidly contain the impact of security events, while providing additional time for follow-up investigation.

Real-life example on how to document and manage the desired or expected configuration of your AWS resources with tags, as well as how to use AWS Config to assess the compliance of your configuration against your organization's defined requirements by leveraging these tags.

Some data modification techniques that you can use to protect your data and the use cases for them.

Sample procedure that will exchange a long term or short term AWS credential for a GCP credential.

Blog looking at why it is important for organizations to monitor their software development, build, and release process to help secure their own internal software supply chains as well as the those of wider industry.