Safeguard
Tag

aws-security

Safeguard articles tagged "aws-security" — guides, analysis, and best practices for software supply chain and application security.

29 articles

Infrastructure Security

Scanning AWS CloudFormation templates for misconfigurations

CloudFormation deploys exactly what you write, misconfigurations included. Here's how scanning catches IAM, S3, and security group errors before they ship.

Jun 18, 20267 min read
Infrastructure Security

Cloud misconfiguration as the top cause of cloud breaches

Capital One, Toyota, and a single Azure endpoint that leaked 65,000 companies' data all trace back to one root cause: cloud misconfiguration.

Jun 17, 20267 min read
Infrastructure Security

What is AWS CloudFormation Security

What is CloudFormation security? A practical breakdown of IAM least privilege, drift detection, secret scanning, and template misconfigurations that cause breaches.

Mar 12, 20266 min read
Cloud Security

How to set up AWS GuardDuty for threat detection

A step-by-step guide to enabling AWS GuardDuty across accounts and regions, routing findings to your alerting stack, and triaging results.

Feb 20, 20268 min read
Cloud Security

How to set up AWS CloudTrail logging

A step-by-step guide to setting up AWS CloudTrail logging, enabling it across all regions, validating log integrity, and building a solid audit logging setup.

Feb 16, 20267 min read
Cloud Security

How to enable MFA on an AWS root account

A step-by-step guide to enabling MFA on your AWS root account, covering virtual MFA device setup, verification commands, troubleshooting, and ongoing security best practices.

Feb 15, 20268 min read
Industry Analysis

How to set up a bastion host for secure SSH access

A step-by-step guide to set up bastion host SSH access on AWS, with ProxyJump configs, security group rules, and a verification checklist for hardened jump box access.

Feb 12, 20267 min read
Compliance

How to configure AWS Config for continuous compliance mon...

A step-by-step guide to configure AWS Config compliance monitoring: rules setup, conformance packs, alerting, remediation, and multi-account aggregation.

Feb 12, 20268 min read
Container Security

Hardening Amazon EKS clusters against common attack paths

A step-by-step guide to EKS security best practices: lock down IAM, enforce pod security standards, segment networks, and verify every control.

Jan 20, 20268 min read
Cloud Security

Using AWS IAM Access Analyzer to find unused and external...

How AWS IAM Access Analyzer surfaces unused permissions and external access risk across your AWS accounts, and where native findings need extra context to prioritize.

Jan 19, 20266 min read
Container Security

Continuous container vulnerability scanning with Amazon I...

How Amazon Inspector's continuous container scanning actually works, where Inspector vs Trivy differs, and the ECR blind spots teams need to cover.

Jan 19, 20267 min read
Cloud Security

Comparing confidential VM offerings across major cloud pr...

A practical comparison of confidential virtual machines across Azure, AWS Nitro Enclaves, GCP confidential compute, and more -- real strengths, real limitations, no marketing gloss.

Dec 11, 20258 min read
aws-security (Page 2) — Safeguard Blog