Safeguard
Tag

aws-security

Safeguard articles tagged "aws-security" — guides, analysis, and best practices for software supply chain and application security.

29 articles

Cloud Security

The AWS migration security checklist: IAM, encryption, and network segmentation

A misconfigured WAF and an over-permissioned IAM role exposed 106 million records in 2019 — here's the checklist that prevents a repeat during your AWS migration.

Jul 15, 20266 min read
Cloud Security

The AWS misconfiguration cheat sheet: public S3, open IAM, and open security groups

Three misconfigurations — public S3 buckets, over-permissioned IAM roles, and 0.0.0.0/0 security groups — keep causing breaches. Here's the CLI to find and fix each one.

Jul 14, 20266 min read
Cloud Security

The 2026 AWS Security Checklist: Account, IAM, Network, and Data Controls

One SSRF call against an unpatched WAF and a permissive IAM role were enough to expose 106 million Capital One records in 2019 — here's the checklist that stops it.

Jul 12, 20267 min read
Cloud Security

The most common AWS misconfigurations in 2026, with detection commands

Public S3 buckets, wildcard IAM policies, and 0.0.0.0/0 security groups remain the top three AWS findings — here's how to detect each with native tools.

Jul 12, 20266 min read
Cloud Security

High-profile AWS breaches: lessons learned

Capital One's 2019 breach exposed 106 million records through a single SSRF call to the EC2 metadata service — here's the exact control that would have stopped it.

Jul 8, 20266 min read
Cloud Security

AWS Security Best Practices for 2026

A practical, code-backed walkthrough of the AWS security controls that actually reduce breach risk in 2026 — identity, data, network, and infrastructure-as-code.

Jul 1, 20266 min read
Application Security

Top AWS security misconfigurations and how to fix them

A practical AWS misconfigurations cheat sheet — IAM, S3, security groups, logging, and snapshots — with real breach data and exact fixes.

Jun 21, 20266 min read
Application Security

The AWS shared responsibility model explained

AWS secures the cloud; you secure what's in it. Here's exactly where that line falls across EC2, RDS, Lambda, and EKS -- with real breach examples.

Jun 20, 20266 min read
Application Security

How to secure an Amazon S3 bucket

S3 misconfigurations have caused breaches from Verizon to Pegasus Airlines. Here's what actually secures a bucket—defaults, policies, encryption, and monitoring that hold.

Jun 20, 20268 min read
Application Security

AWS IAM permissions boundaries best practices

How AWS IAM permissions boundaries cap delegated identities, differ from SCPs, and where teams get privilege escalation wrong.

Jun 20, 20267 min read
Infrastructure Security

Scanning Terraform code for security misconfigurations

Public S3 buckets, open security groups, and wildcard IAM policies are the recurring Terraform mistakes behind most cloud breaches — here's how to catch them before apply.

Jun 19, 20268 min read
Infrastructure Security

Managing Terraform state file security risks

Terraform state files store database passwords, IAM keys, and private keys in plaintext. Here's how they leak, why encryption alone won't save you, and how to lock them down.

Jun 19, 20267 min read
aws-security — Safeguard Blog