aws
Safeguard articles tagged "aws" — guides, analysis, and best practices for software supply chain and application security.
67 articles
AWS Lambda Layers: Supply Chain Risks
Lambda layers feel like a convenience but they are a supply chain attack surface that most teams do not treat as code. Here is how they get abused and what to do about it.
AWS SAM Template Security Considerations
SAM templates look simple and that is exactly the problem. The defaults are generous, the transforms are opaque, and the resulting stacks are often more privileged than anyone intended.
Cloud Marketplace Security: What AWS and Azure Listings Actually Verify
Buying software through AWS Marketplace or Azure Marketplace feels safe. But what security verification actually happens before a listing goes live?
AWS ECR Container Scanning: Beyond the Defaults
A deep dive into ECR scanning options, from basic Clair scanning to enhanced Inspector integration, and what most teams get wrong.
SSRF Exploitation in Cloud Environments
Server-Side Request Forgery is especially dangerous in cloud environments where metadata services expose credentials and configuration. This guide covers SSRF exploitation techniques and defenses specific to AWS, GCP, and Azure.
AWS Inspector V2 Container Scanning: What Changed and Why It Matters
A deep look at Amazon Inspector v2 for container scanning, its improvements over v1, and how to get the most out of it.
AWS Supply Chain Security Best Practices You Should Adopt Today
A practical guide to securing your software supply chain on AWS, from ECR image provenance to CodePipeline hardening.