cloud-iam
Safeguard articles tagged "cloud-iam" — guides, analysis, and best practices for software supply chain and application security.
4 articles
Unified identity, segmentation, and policy-as-code for multi-cloud
38% of breaches start with stolen credentials, per Verizon's 2024 DBIR — the fix for multi-cloud estates is unified identity, segmentation, and policy-as-code, not per-provider IAM.
Using OCI dynamic groups to authenticate CI/CD pipelines
A practical guide to eliminating static credentials in CI/CD using OCI dynamic groups, matching rules, and OCI DevOps service authentication instead of API keys.
Cloud IAM privilege escalation paths explained
A breakdown of how cloud IAM privilege escalation paths work across AWS, GCP, and Azure, with real permission chains and breach examples.
How Snyk Container's registry integrations authenticate a...
A technical walkthrough of how Snyk Container authenticates and pulls images from ECR, ACR, GCR, and Artifactory using IAM roles, service principals, and tokens.