Post describing the evolution of Hulu's DNS infrastructure from a simple setup to a more distributed configuration that is capable of reliably handling a significantly higher request volume.

A CVE has been found in Kubernetes kube-apiserver where an authorized user could redirect pod traffic to private networks on a Node. This post explains how Kubernetes is impacted and how to mitigate and detect it with Falco and OpenPolicyAgent.

Post describing the different components of running a DevSecOps program as well as some of the (hard) lessons learned through the years.

Nice small website providing flashcards to learn cloud skills.

There are many descriptions of the CKA exam process on the internet, but not that many from a security engineering perspective. This post discusses how a security engineer found the course, the preparation they did, and their experience of the exam.

How to prevent security issues and optimize containerized applications by applying a quick set of Dockerfile best practices in your image builds.

The use of routing daemons on Kubernetes clusters is opening some new threat models against known routing protocols' security limitations. An attacker can exploit these new game rules to manipulate data traffic throughout the cluster from low-privileged access to a single node in the cluster.

A little guide for locking down a VPS or similar to ensure your SSH connection is as secure as can be.

TeamTNT staged malicious images on Docker Hub using a legitimate user's Docker Hub account. The credentials to this Docker Hub account were accidentally committed to a public GitHub repo.

Recently, AWS published a new backend implementation for the Secrets Store CSI Driver that allows using AWS Secrets Manager as a Secret Provider.

Perspective, thoughts, and vision for directly dealing with the problem of Attack Paths.

Yor is an open-source tool that helps add informative and consistent tags across infrastructure-as-code frameworks such as Terraform, CloudFormation, and Serverless. Yor is built to run as a GitHub Action automatically adding consistent tagging logics to your IaC. Yor can also run as a pre-commit hook and a standalone CLI. You can also review the companion blog post.

Angle-grinder allows you to parse, aggregate, sum, average, min/max, percentile, and sort your data. You can see it, live-updating, in your terminal. Angle grinder is designed for when, for whatever reason, you don't have your data in graphite/honeycomb/kibana/sumologic/splunk/etc. but still want to be able to do sophisticated analytics.

crane is a tool for interacting with remote images and registries.

A kubectl plugin to show out-of-date images running in a cluster. The plugin will scan for all pods in all namespaces that you have at least read access to. It will then connect to the registry that hosts the image, and (if there's permission), it will analyze your tag to the list of current tags.

This repository contains a collection of cheatsheets put together for tools related to pentesting organizations that leverage cloud providers.

CONVEX is a group of CTFs that are independently deployable into participant Azure environments.

CLI tool to generate terraform files from existing infrastructure (reverse Terraform).

A plugin which allows users to create secrets with secure input prompt to prevent information leakages through terminal history, shoulder surfing attacks, etc.

A collection of tools useful when auditing an AWS account for security misconfigurations.

A Lambda function that makes use of CloudWatch rules to report back those certificates that are due to expire within a pre-defined amount of time.

How to use an Amazon Cognito user pool as a user directory and let users authenticate and acquire the JSON Web Token (JWT) to pass to the API Gateway.

How to use Amazon EC2 Instance Connect to use SSH to securely access your EC2 instances running on private subnets within a VPC.

How to use AWS Directory Service with the AWS Transfer Family to securely provide permissions for file transfers to users in your AD groups.

How to use Amazon Neptune with AWS Config to get an insight of your landscape on AWS and map out relationships.

How to use automation to reduce the pain of manual and repetitive evidence collection. This will help you focus more on the compliance architecture rather than on evidence collection.

A new version of OS configuration management within VM Manager makes it easier to manage large fleets of Compute Engine virtual machines.

Blog discussing methods to monitor the actions of the SOC team from a risk and auditing standpoint.

Microsoft announced over 15 new out-of-the-box data connectors for Azure Sentinel to enable data collection for leading products across different industries and clouds.