Safeguard
Topic

Cloud Security

In-depth guides and analysis on cloud security from the Safeguard engineering team.

237 articles

Cloud Security

Securing GCP Artifact Registry: A Complete Guide

How to configure GCP Artifact Registry for security-first container and package management, from IAM policies to vulnerability scanning.

Feb 22, 20237 min read
Cloud Security

Azure Defender for Containers: Getting Real Security Value

How to configure and operationalize Microsoft Defender for Containers for ACR scanning, AKS runtime protection, and CI/CD integration.

Jan 15, 20237 min read
Cloud Security

AWS ECR Container Scanning: Beyond the Defaults

A deep dive into ECR scanning options, from basic Clair scanning to enhanced Inspector integration, and what most teams get wrong.

Nov 18, 20228 min read
Cloud Security

Azure DevOps Pipeline Security Hardening: A Practical Guide

How to lock down your Azure DevOps pipelines against supply chain attacks, credential leaks, and unauthorized deployments.

Oct 15, 20228 min read
Cloud Security

SSRF Exploitation in Cloud Environments

Server-Side Request Forgery is especially dangerous in cloud environments where metadata services expose credentials and configuration. This guide covers SSRF exploitation techniques and defenses specific to AWS, GCP, and Azure.

Sep 5, 20227 min read
Cloud Security

Infrastructure as Code Security: Scanning Terraform, CloudFormation, and Kubernetes Manifests

IaC scanning catches misconfigurations before they reach production. This guide covers tools, techniques, and integration patterns for Terraform, CloudFormation, and Kubernetes.

Aug 22, 20227 min read
Cloud Security

AWS Inspector V2 Container Scanning: What Changed and Why It Matters

A deep look at Amazon Inspector v2 for container scanning, its improvements over v1, and how to get the most out of it.

Jul 28, 20227 min read
Cloud Security

AWS Supply Chain Security Best Practices You Should Adopt Today

A practical guide to securing your software supply chain on AWS, from ECR image provenance to CodePipeline hardening.

Jun 8, 20227 min read
Cloud Security

ChaosDB: The Microsoft Azure Cosmos DB Vulnerability That Exposed Thousands of Databases

A critical vulnerability in Azure Cosmos DB allowed any user to gain full admin access to other customers' database instances, exposing data from thousands of organizations including Fortune 500 companies.

Sep 10, 20215 min read
Cloud Security (Page 20) — Supply Chain Security Blog | Safeguard