Cloud Security
In-depth guides and analysis on cloud security from the Safeguard engineering team.
237 articles
Securing GCP Artifact Registry: A Complete Guide
How to configure GCP Artifact Registry for security-first container and package management, from IAM policies to vulnerability scanning.
Azure Defender for Containers: Getting Real Security Value
How to configure and operationalize Microsoft Defender for Containers for ACR scanning, AKS runtime protection, and CI/CD integration.
AWS ECR Container Scanning: Beyond the Defaults
A deep dive into ECR scanning options, from basic Clair scanning to enhanced Inspector integration, and what most teams get wrong.
Azure DevOps Pipeline Security Hardening: A Practical Guide
How to lock down your Azure DevOps pipelines against supply chain attacks, credential leaks, and unauthorized deployments.
SSRF Exploitation in Cloud Environments
Server-Side Request Forgery is especially dangerous in cloud environments where metadata services expose credentials and configuration. This guide covers SSRF exploitation techniques and defenses specific to AWS, GCP, and Azure.
Infrastructure as Code Security: Scanning Terraform, CloudFormation, and Kubernetes Manifests
IaC scanning catches misconfigurations before they reach production. This guide covers tools, techniques, and integration patterns for Terraform, CloudFormation, and Kubernetes.
AWS Inspector V2 Container Scanning: What Changed and Why It Matters
A deep look at Amazon Inspector v2 for container scanning, its improvements over v1, and how to get the most out of it.
AWS Supply Chain Security Best Practices You Should Adopt Today
A practical guide to securing your software supply chain on AWS, from ECR image provenance to CodePipeline hardening.
ChaosDB: The Microsoft Azure Cosmos DB Vulnerability That Exposed Thousands of Databases
A critical vulnerability in Azure Cosmos DB allowed any user to gain full admin access to other customers' database instances, exposing data from thousands of organizations including Fortune 500 companies.