Safeguard
Tag

aws

Safeguard articles tagged "aws" — guides, analysis, and best practices for software supply chain and application security.

67 articles

Best Practices

AWS Lambda Layers: Supply Chain Risks

Lambda layers feel like a convenience but they are a supply chain attack surface that most teams do not treat as code. Here is how they get abused and what to do about it.

Mar 18, 20247 min read
DevSecOps

AWS SAM Template Security Considerations

SAM templates look simple and that is exactly the problem. The defaults are generous, the transforms are opaque, and the resulting stacks are often more privileged than anyone intended.

Feb 28, 20247 min read
Software Supply Chain Security

Cloud Marketplace Security: What AWS and Azure Listings Actually Verify

Buying software through AWS Marketplace or Azure Marketplace feels safe. But what security verification actually happens before a listing goes live?

Sep 8, 20234 min read
Cloud Security

AWS ECR Container Scanning: Beyond the Defaults

A deep dive into ECR scanning options, from basic Clair scanning to enhanced Inspector integration, and what most teams get wrong.

Nov 18, 20228 min read
Cloud Security

SSRF Exploitation in Cloud Environments

Server-Side Request Forgery is especially dangerous in cloud environments where metadata services expose credentials and configuration. This guide covers SSRF exploitation techniques and defenses specific to AWS, GCP, and Azure.

Sep 5, 20227 min read
Cloud Security

AWS Inspector V2 Container Scanning: What Changed and Why It Matters

A deep look at Amazon Inspector v2 for container scanning, its improvements over v1, and how to get the most out of it.

Jul 28, 20227 min read
Cloud Security

AWS Supply Chain Security Best Practices You Should Adopt Today

A practical guide to securing your software supply chain on AWS, from ECR image provenance to CodePipeline hardening.

Jun 8, 20227 min read
aws (Page 6) — Safeguard Blog