Safeguard
Tag

cloud-security

Safeguard articles tagged "cloud-security" — guides, analysis, and best practices for software supply chain and application security.

290 articles

Cloud Security

How to set up AWS GuardDuty for threat detection

A step-by-step guide to enabling AWS GuardDuty across accounts and regions, routing findings to your alerting stack, and triaging results.

Feb 20, 20268 min read
Cloud Security

How to prevent public access to AWS S3 buckets

A practical walkthrough for locking down AWS S3 buckets: Block Public Access, bucket policies, encryption, and how Safeguard catches misconfigurations early.

Feb 20, 20267 min read
Cloud Security

How to implement least privilege IAM policies in AWS

A practical guide to building a least privilege IAM policy AWS teams can trust, using Access Advisor data and generator tooling to cut over-permissioning fast.

Feb 20, 20268 min read
Cloud Security

Multi-Cloud Software Supply Chain Abstractions

Running supply chain controls across AWS, Azure, and GCP means picking the right abstractions. Here is which ones hold up and which ones you will regret.

Feb 19, 20267 min read
Cloud Security

Cloud Supply Chain Security Across AWS, Azure, and GCP

Each major cloud provider approaches supply chain security differently. Here's a practical comparison and what it means for multi-cloud organizations.

Feb 18, 20266 min read
Cloud Security

IaC Scanning Tools for Terraform and Beyond

IaC scanning tools catch misconfigured cloud resources before they're ever applied — the question is which ones actually understand Terraform's module graph instead of just its syntax.

Feb 18, 20265 min read
Cloud Security

How to set up AWS CloudTrail logging

A step-by-step guide to setting up AWS CloudTrail logging, enabling it across all regions, validating log integrity, and building a solid audit logging setup.

Feb 16, 20267 min read
Cloud Security

How to enable MFA on an AWS root account

A step-by-step guide to enabling MFA on your AWS root account, covering virtual MFA device setup, verification commands, troubleshooting, and ongoing security best practices.

Feb 15, 20268 min read
Cloud Security

GCP Artifact Analysis API for Vulnerability Triage

GCP's Artifact Analysis API is the most direct way to get scan results into your triage tooling. Here is how to use it without drowning your team.

Feb 14, 20267 min read
Cloud Security

How to set up AWS Secrets Manager with automatic rotation

A practical guide to setting up AWS Secrets Manager with automatic rotation via Lambda, including verification steps and a comparison to Parameter Store.

Feb 14, 20267 min read
Cloud Security

How to configure Azure AD Conditional Access policies

A step-by-step guide to configure Azure AD conditional access policies safely — MFA enforcement, device compliance, report-only piloting, and troubleshooting tips.

Feb 14, 20267 min read
Best Practices

What is a Honeypot

A honeypot is a decoy system or credential built to lure attackers so defenders can detect, delay, and study intrusions before real assets are touched.

Feb 13, 20267 min read
cloud-security (Page 14) — Safeguard Blog