cloud-security-posture
Safeguard articles tagged "cloud-security-posture" — guides, analysis, and best practices for software supply chain and application security.
5 articles
The 2026 AWS Security Checklist: Account, IAM, Network, and Data Controls
One SSRF call against an unpatched WAF and a permissive IAM role were enough to expose 106 million Capital One records in 2019 — here's the checklist that stops it.
When Configuration Is the Vulnerability: Microsoft's May 2026 Look at Exposed AI Apps on Kubernetes
Microsoft's May 14, 2026 research found AI frameworks shipping Helm charts that expose web UIs on internet-facing LoadBalancers with no authentication and cluster-admin service accounts. Mage AI on port 6789 was the headline, but it was far from alone.
Cloud IAM privilege escalation paths explained
A breakdown of how cloud IAM privilege escalation paths work across AWS, GCP, and Azure, with real permission chains and breach examples.
GCP IAM privilege escalation paths explained
Attackers escalate GCP privilege using IAM actAs chains, default Editor service accounts, and Cloud Build tokens -- no exploit code required.
Misconfiguration Fatigue: Why the Same Cloud Mistakes Kee...
The same cloud misconfigurations — public buckets, stale IAM roles, unwatched drift — keep causing breaches years apart. Here's why, with real cases and how to break the cycle.