Best practices for hardening AWS EKS clusters, including the importance of dedicated continuous delivery IAM roles, multi-account architecture for cluster isolation, and how to encrypt secrets in the control plane.

A set of guidelines to help you design your EKS clusters without compromising security.

How Segment got rid of SSH bastion hosts, reducing cost, complexity, and maintenance of their infrastructure, as well as eliminating the need to distribute SSH Keys. Last but not least, they reduced their attack surface by not having any SSH port open to the world.

You can combine AWS SSM Sessions with Ansible and execute existing playbooks on the instance, skipping traditional direct SSH connections.

How to implement Kubernetes monitoring with Prometheus, by learning how to deploy a Prometheus server and metrics exporters, setup kube-state-metrics, pull and collect those metrics, and configure alerts with Alertmanager and dashboards with Grafana.

Abuse of permissions in S3 buckets is one of the more common security issues companies face but this post addresses a different issue, S3 Bucket Namesquatting.

Article introducing Kubeflow and TensorFlow, track how this attack works, and cover steps to detect if you are affected, and mitigate its effects.

Azure flow logs don't have the same instance ID that AWS flow logs do. So how do you figure out which VM the logs came from?

Learn how Open Policy Agent (OPA) can be leveraged to secure infrastructure deployments by building policy-based guardrails around them.

How Sky Betting & Gaming helps its developers seamlessly grab dynamic credentials from HashiCorp Vault without having to specify which credentials they need.

Different workloads have different characteristics, and the best platform for a particular workload to run on depends on the nature of the specific workload. Workloads and their layers of abstraction need to be addressed independently since the workflow of its users will vary between use cases.

How Argo is Abused by attackers to drop cryptominers in exposed Kubernetes clusters.

A simple-yet-powerful API traffic viewer for Kubernetes to help you troubleshoot and debug your microservices. Think TCPDump and Chrome Dev Tools combined.

A Kubernetes operator that simplifies the management of Role Bindings and Service Accounts.

Scans Google Cloud DNS across a GCP Organization for domain records vulnerable to takeover.

A project to collate IAM actions, AWS APIs and managed policies from various public sources.

This controller operates self-hosted runners for GitHub Actions on your Kubernetes cluster.

AWS Private Certificate Authority (CA) now supports an open source plugin for cert-manager that offers a more secure certificate authority solution for Kubernetes containers.

How to set up Amazon Macie to validate data classifications provided by decentralized software development teams.

A solution which uses Client VPN to implement geolocation authentication rules. When a client VPN connection is established, authentication is implemented at the first point of entry into the AWS Cloud.

AWS Systems Manager Quick Setup announced support for AWS Config, allowing you to enable AWS Config recording and deploy conformance packs across all the accounts and Regions in your organization.

How to implement a centralized patching solution across AWS Regions by using AWS Systems Manager to initiate, track, and manage patching events from one centralized place.

Google announced Autonomic Security Operations, a stack of products, integrations, blueprints, technical content, and an accelerator program to enable customers to take advantage of Google's technology stack built on Chronicle and Google's deep security operations expertise.

Google released the preview of Cloud Armor Adaptive Protection, a machine learning-powered capability to protect your applications and services from Layer 7 DDoS attacks.

Cloud IDS (Intrusion Detection System) helps detect malware, spyware, and command-and-control attacks.

With this release, Private Catalog admins can use Terraform configurations to keep end users informed about updates.

How Google Cloud uses Confidential VMs and GKE Nodes to encrypt data even when it's in use.

Microsoft has published an Azure AD security operations guide. It covers identity security configurations and their monitoring (including user/privileged accounts, apps, devices, infrastructure).

Microsoft announced the general availability release of Azure Firewall Premium. Key features in this release include: TLS Inspection, IDPS, Web Categories, and URL Filtering.