Centralized root management for AWS multi-account
When you are running multiple accounts through AWS Organizations, there are times when you may need to perform root-level actions in your member accounts. It…
Category: Cloud Security
AWS Resource Control Policies (RCPs) Explained: Demo with Secrets Manager
AWS has added another layer of defense - Resource Control Policies, or RCPs for short. Learn what they are, how they work, and how they compare to SCP…
AWS Detection Engineering with Grimoire
In a prior article, I showed you how to get started with a tool called Stratus Red Team to simulate adversaries by executing attacks against…
10 Best Practices for AWS Secrets Manager [Cheat Sheet]
In a prior post, we learned about AWS Secrets Manager: what it is, why it’s used, and how to get started with it. In this…
Hands-On Labs Added September & October 2024: IaC, S3, DevSecOps
Let’s take a look at all of the Hands-On Labs we launched in September & October 2024. They include labs in 3 primary categories: Foundational…
There’s a new attack targeting AWS accounts and it involves AI
Commonly when a threat actor gains access to AWS credentials (often long-term access keys), they will do a few things depending on their objectives…like for…
AWS SCS-02 Practice Exam Questions With Detailed Explanations
Studying for the AWS Certified Security Specialty (SCS-02) certification exam? Practice and challenge your readiness with our free practice exam questions. We’ll be adding a…
S3 Bucket Backdoor Attack Simulation with Stratus Red Team
Testing your AWS environment’s security measures and your blue team’s effectiveness is crucial, and the most effective way to do this is through simulated attacks.…
Terraform on AWS [Cheat Sheet]
So you need to deploy new or manage existing cloud infrastructure. What’s the best approach to get it done? The best way is to use…
Secure Your Cloud with Prowler [Cheat Sheet & Lab]
When it comes to securing cloud environments, automation and tooling can be a huge help, especially for tasks that should run on a regular basis.…